Shodan
Vulnerabilities
Vulnerable Software
Flyspray:  >> Flyspray  >> 1.0  Security Vulnerabilities
CVE-2017-15213
Stored XSS vulnerability in Flyspray before 1.0-rc6 allows an authenticated user to inject JavaScript to gain administrator privileges, via the real_name or email_address field to themes/CleanFS/templates/common.editallusers.tpl.
CVSS Score
5.4
EPSS Score
0.003
Published
2017-10-11
CVE-2017-15214
Stored XSS vulnerability in Flyspray 1.0-rc4 before 1.0-rc6 allows an authenticated user to inject JavaScript to gain administrator privileges and also to execute JavaScript against other users (including unauthenticated users), via the name, title, or id parameter to plugins/dokuwiki/lib/plugins/changelinks/syntax.php.
CVSS Score
5.4
EPSS Score
0.006
Published
2017-10-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved