Vulnerability Details CVE-2017-7250
A Cross-Site Scripting (XSS) was discovered in Gazelle before 2017-03-19. The vulnerability exists due to insufficient filtration of user-supplied data (action) passed to the 'Gazelle-master/sections/tools/finances/bitcoin_balance.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.1%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2017-7250
-
cpe:2.3:a:gazelle_project:gazelle:2013-06-14
-
cpe:2.3:a:gazelle_project:gazelle:2013-06-15
-
cpe:2.3:a:gazelle_project:gazelle:2013-06-16
-
cpe:2.3:a:gazelle_project:gazelle:2013-06-19
-
cpe:2.3:a:gazelle_project:gazelle:2013-06-23
-
cpe:2.3:a:gazelle_project:gazelle:2013-06-24
-
cpe:2.3:a:gazelle_project:gazelle:2013-06-30
-
cpe:2.3:a:gazelle_project:gazelle:2013-07-01
-
cpe:2.3:a:gazelle_project:gazelle:2013-07-03
-
cpe:2.3:a:gazelle_project:gazelle:2013-07-04
-
cpe:2.3:a:gazelle_project:gazelle:2013-07-06
-
cpe:2.3:a:gazelle_project:gazelle:2013-07-08
-
cpe:2.3:a:gazelle_project:gazelle:2013-07-13
-
cpe:2.3:a:gazelle_project:gazelle:2013-07-23
-
cpe:2.3:a:gazelle_project:gazelle:2013-07-30
-
cpe:2.3:a:gazelle_project:gazelle:2013-08-05
-
cpe:2.3:a:gazelle_project:gazelle:2013-08-08
-
cpe:2.3:a:gazelle_project:gazelle:2013-08-24
-
cpe:2.3:a:gazelle_project:gazelle:2013-08-25
-
cpe:2.3:a:gazelle_project:gazelle:2013-08-28
-
cpe:2.3:a:gazelle_project:gazelle:2013-09-01
-
cpe:2.3:a:gazelle_project:gazelle:2013-09-05
-
cpe:2.3:a:gazelle_project:gazelle:2013-09-12
-
cpe:2.3:a:gazelle_project:gazelle:2013-09-14
-
cpe:2.3:a:gazelle_project:gazelle:2013-09-22
-
cpe:2.3:a:gazelle_project:gazelle:2013-09-28
-
cpe:2.3:a:gazelle_project:gazelle:2013-09-30
-
cpe:2.3:a:gazelle_project:gazelle:2013-10-01
-
cpe:2.3:a:gazelle_project:gazelle:2013-10-05
-
cpe:2.3:a:gazelle_project:gazelle:2013-10-10
-
cpe:2.3:a:gazelle_project:gazelle:2013-10-13
-
cpe:2.3:a:gazelle_project:gazelle:2013-10-16
-
cpe:2.3:a:gazelle_project:gazelle:2013-10-17
-
cpe:2.3:a:gazelle_project:gazelle:2013-10-22
-
cpe:2.3:a:gazelle_project:gazelle:2013-10-23
-
cpe:2.3:a:gazelle_project:gazelle:2013-10-24
-
cpe:2.3:a:gazelle_project:gazelle:2013-10-25
-
cpe:2.3:a:gazelle_project:gazelle:2013-10-26
-
cpe:2.3:a:gazelle_project:gazelle:2013-10-28
-
cpe:2.3:a:gazelle_project:gazelle:2013-10-31
-
cpe:2.3:a:gazelle_project:gazelle:2013-11-02
-
cpe:2.3:a:gazelle_project:gazelle:2013-11-06
-
cpe:2.3:a:gazelle_project:gazelle:2013-11-08
-
cpe:2.3:a:gazelle_project:gazelle:2013-11-09
-
cpe:2.3:a:gazelle_project:gazelle:2013-11-23
-
cpe:2.3:a:gazelle_project:gazelle:2013-11-25
-
cpe:2.3:a:gazelle_project:gazelle:2013-11-30
-
cpe:2.3:a:gazelle_project:gazelle:2013-12-01
-
cpe:2.3:a:gazelle_project:gazelle:2013-12-10
-
cpe:2.3:a:gazelle_project:gazelle:2013-12-12
-
cpe:2.3:a:gazelle_project:gazelle:2013-12-15
-
cpe:2.3:a:gazelle_project:gazelle:2013-12-16
-
cpe:2.3:a:gazelle_project:gazelle:2013-12-22
-
cpe:2.3:a:gazelle_project:gazelle:2013-12-23
-
cpe:2.3:a:gazelle_project:gazelle:2013-12-24
-
cpe:2.3:a:gazelle_project:gazelle:2013-12-25
-
cpe:2.3:a:gazelle_project:gazelle:2013-12-28
-
cpe:2.3:a:gazelle_project:gazelle:2014-01-04
-
cpe:2.3:a:gazelle_project:gazelle:2014-01-05
-
cpe:2.3:a:gazelle_project:gazelle:2014-01-18
-
cpe:2.3:a:gazelle_project:gazelle:2014-01-23
-
cpe:2.3:a:gazelle_project:gazelle:2014-01-27
-
cpe:2.3:a:gazelle_project:gazelle:2014-01-28
-
cpe:2.3:a:gazelle_project:gazelle:2014-02-11
-
cpe:2.3:a:gazelle_project:gazelle:2014-02-19
-
cpe:2.3:a:gazelle_project:gazelle:2014-02-27
-
cpe:2.3:a:gazelle_project:gazelle:2014-03-12
-
cpe:2.3:a:gazelle_project:gazelle:2014-03-16
-
cpe:2.3:a:gazelle_project:gazelle:2014-03-17
-
cpe:2.3:a:gazelle_project:gazelle:2014-03-18
-
cpe:2.3:a:gazelle_project:gazelle:2014-03-20
-
cpe:2.3:a:gazelle_project:gazelle:2014-03-22
-
cpe:2.3:a:gazelle_project:gazelle:2014-03-24
-
cpe:2.3:a:gazelle_project:gazelle:2014-03-25
-
cpe:2.3:a:gazelle_project:gazelle:2014-03-31
-
cpe:2.3:a:gazelle_project:gazelle:2014-04-05
-
cpe:2.3:a:gazelle_project:gazelle:2014-04-06
-
cpe:2.3:a:gazelle_project:gazelle:2014-04-09
-
cpe:2.3:a:gazelle_project:gazelle:2014-04-20
-
cpe:2.3:a:gazelle_project:gazelle:2014-10-20
-
cpe:2.3:a:gazelle_project:gazelle:2014-10-27
-
cpe:2.3:a:gazelle_project:gazelle:2014-10-30
-
cpe:2.3:a:gazelle_project:gazelle:2014-11-03
-
cpe:2.3:a:gazelle_project:gazelle:2014-11-06
-
cpe:2.3:a:gazelle_project:gazelle:2015-10-19
-
cpe:2.3:a:gazelle_project:gazelle:2015-10-21
-
cpe:2.3:a:gazelle_project:gazelle:2015-10-24
-
cpe:2.3:a:gazelle_project:gazelle:2015-10-27
-
cpe:2.3:a:gazelle_project:gazelle:2015-10-30
-
cpe:2.3:a:gazelle_project:gazelle:2015-10-31
-
cpe:2.3:a:gazelle_project:gazelle:2015-11-06
-
cpe:2.3:a:gazelle_project:gazelle:2015-11-13
-
cpe:2.3:a:gazelle_project:gazelle:2015-11-14
-
cpe:2.3:a:gazelle_project:gazelle:2015-11-19
-
cpe:2.3:a:gazelle_project:gazelle:2015-11-20
-
cpe:2.3:a:gazelle_project:gazelle:2015-12-01
-
cpe:2.3:a:gazelle_project:gazelle:2015-12-16
-
cpe:2.3:a:gazelle_project:gazelle:2015-12-18
-
cpe:2.3:a:gazelle_project:gazelle:2015-12-20
-
cpe:2.3:a:gazelle_project:gazelle:2015-12-24
-
cpe:2.3:a:gazelle_project:gazelle:2016-01-03
-
cpe:2.3:a:gazelle_project:gazelle:2016-01-05
-
cpe:2.3:a:gazelle_project:gazelle:2016-01-07
-
cpe:2.3:a:gazelle_project:gazelle:2016-01-08
-
cpe:2.3:a:gazelle_project:gazelle:2016-01-10
-
cpe:2.3:a:gazelle_project:gazelle:2016-01-19
-
cpe:2.3:a:gazelle_project:gazelle:2016-01-23
-
cpe:2.3:a:gazelle_project:gazelle:2016-01-27
-
cpe:2.3:a:gazelle_project:gazelle:2016-01-31
-
cpe:2.3:a:gazelle_project:gazelle:2016-02-04
-
cpe:2.3:a:gazelle_project:gazelle:2016-02-05
-
cpe:2.3:a:gazelle_project:gazelle:2016-02-06
-
cpe:2.3:a:gazelle_project:gazelle:2016-02-10
-
cpe:2.3:a:gazelle_project:gazelle:2016-02-11
-
cpe:2.3:a:gazelle_project:gazelle:2016-02-13
-
cpe:2.3:a:gazelle_project:gazelle:2016-02-18
-
cpe:2.3:a:gazelle_project:gazelle:2016-11-01