CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-14973

IDenticard Two-Reader Controller Configuration Manager 1.18.8 (396) is vulnerable to Stored Cross-Site Scripting (XSS) via the notes field in /~user_handler?file=logged_in.shtm (aka the edit user page).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 43.1%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

https://raw.githubusercontent.com/badbiddy/Vulnerability-Disclosure/master/IDenticard%20Two-Reader%20Controller%20%3C%201.18.8%20-%20CVE-2017-14973
https://raw.githubusercontent.com/badbiddy/Vulnerability-Disclosure/master/IDenticard%20Two-Reader%20Controller%20%3C%201.18.8%20-%20CVE-2017-14973

Products affected by CVE-2017-14973

Identicard » Two-Reader Controller Configuration Manager » Version: 1.18.8_(396)

cpe:2.3:a:identicard:two-reader_controller_configuration_manager:1.18.8_(396)

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-14973

Products

Pricing

Contact Us