CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-6484

Multiple Cross-Site Scripting (XSS) issues were discovered in INTER-Mediator 5.5. The vulnerabilities exist due to insufficient filtration of user-supplied data (c and cred) passed to the "INTER-Mediator-master/Auth_Support/PasswordReset/resetpassword.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 52.9%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://github.com/INTER-Mediator/INTER-Mediator/issues/772
https://github.com/INTER-Mediator/INTER-Mediator/issues/772

Products affected by CVE-2017-6484

Inter-Mediator » Inter-Mediator » Version: 5.5

cpe:2.3:a:inter-mediator:inter-mediator:5.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-6484

Products

Pricing

Contact Us