Vulnerability Details CVE-2017-8801
Trend Micro OfficeScan 11.0 before SP1 CP 6325 (with Agent Module Build before 6152) and XG before CP 1352 has XSS via a crafted URI using a blocked website.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.3%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- http://files.trendmicro.com/products/officescan/11.0_SP1/readme/osce-11-sp1-patch1-win-all-criticalpatch-6325_readme.txt
- https://success.trendmicro.com/solution/1117204-security-bulletin-trend-micro-officescan-11-xg-multiple-vulnerabilities
- http://files.trendmicro.com/products/officescan/11.0_SP1/readme/osce-11-sp1-patch1-win-all-criticalpatch-6325_readme.txt
- https://success.trendmicro.com/solution/1117204-security-bulletin-trend-micro-officescan-11-xg-multiple-vulnerabilities
Products affected by CVE-2017-8801
-
cpe:2.3:a:trendmicro:officescan:11.0
-
cpe:2.3:a:trendmicro:officescan:12.0