CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-7202

Multiple Cross-Site Scripting (XSS) were discovered in SLiMS 7 Cendana before 2017-03-16. The vulnerabilities exist due to insufficient filtration of user-supplied data (id) passed to the 'slims7_cendana-master/template/default/detail_template.php' and 'slims7_cendana-master/template/default-rtl/detail_template.php' URLs. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.2%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

http://www.securityfocus.com/bid/97004
https://github.com/slims/slims7_cendana/issues/50
http://www.securityfocus.com/bid/97004
https://github.com/slims/slims7_cendana/issues/50

Products affected by CVE-2017-7202

Slims » Slims7 Cendana » Version: 62b8ee8b51be89fc65e0d59b01c3724737f9da20

cpe:2.3:a:slims:slims7_cendana:62b8ee8b51be89fc65e0d59b01c3724737f9da20

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-7202

Products

Pricing

Contact Us