Vulnerability Details CVE-2017-16015
Forms is a library for easily creating HTML forms. Versions before 1.3.0 did not have proper html escaping. This means that if the application did not sanitize html on behalf of forms, use of forms may be vulnerable to cross site scripting
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.2%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2017-16015
-
cpe:2.3:a:forms_project:forms:0.1.0
-
cpe:2.3:a:forms_project:forms:0.1.1
-
cpe:2.3:a:forms_project:forms:0.1.2
-
cpe:2.3:a:forms_project:forms:0.1.3
-
cpe:2.3:a:forms_project:forms:0.1.4
-
cpe:2.3:a:forms_project:forms:0.10.0
-
cpe:2.3:a:forms_project:forms:0.2.0
-
cpe:2.3:a:forms_project:forms:0.2.1
-
cpe:2.3:a:forms_project:forms:0.2.2
-
cpe:2.3:a:forms_project:forms:0.2.3
-
cpe:2.3:a:forms_project:forms:0.3.0
-
cpe:2.3:a:forms_project:forms:0.4.0
-
cpe:2.3:a:forms_project:forms:0.4.1
-
cpe:2.3:a:forms_project:forms:0.5.0
-
cpe:2.3:a:forms_project:forms:0.6.0
-
cpe:2.3:a:forms_project:forms:0.7.0
-
cpe:2.3:a:forms_project:forms:0.8.0
-
cpe:2.3:a:forms_project:forms:0.8.1
-
cpe:2.3:a:forms_project:forms:0.9.0
-
cpe:2.3:a:forms_project:forms:0.9.1
-
cpe:2.3:a:forms_project:forms:0.9.2
-
cpe:2.3:a:forms_project:forms:0.9.3
-
cpe:2.3:a:forms_project:forms:0.9.4
-
cpe:2.3:a:forms_project:forms:0.9.5
-
cpe:2.3:a:forms_project:forms:0.9.6
-
cpe:2.3:a:forms_project:forms:1.0.0
-
cpe:2.3:a:forms_project:forms:1.1.0
-
cpe:2.3:a:forms_project:forms:1.1.1
-
cpe:2.3:a:forms_project:forms:1.1.2
-
cpe:2.3:a:forms_project:forms:1.1.3
-
cpe:2.3:a:forms_project:forms:1.1.4
-
cpe:2.3:a:forms_project:forms:1.2.0
-
cpe:2.3:a:forms_project:forms:1.2.1