SANADATA SanaCMS 7.3 index.asp search cross site scripting

entryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as problematic, has been found in SANADATA SanaCMS 7.3. Affected by this issue is an unknown function of the file index.asp. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field02/06/2017 07:26 PM08/11/2020 10:45 AM
vendorSANADATASANADATA
nameSanaCMSSanaCMS
version7.37.3
fileindex.aspindex.asp
argumentsearchsearch
cwe79 (cross site scripting)79 (cross site scripting)
risk11
cvss2_vuldb_basescore4.34.3
cvss2_vuldb_tempscore4.34.3
cvss2_vuldb_avNN
cvss2_vuldb_acMM
cvss2_vuldb_auNN
cvss2_vuldb_ciNN
cvss2_vuldb_iiPP
cvss2_vuldb_aiNN
cvss2_nvd_avNN
cvss2_nvd_acMM
cvss2_nvd_auNN
cvss2_nvd_ciNN
cvss2_nvd_iiPP
cvss2_nvd_aiNN
cvss3_meta_basescore5.25.2
cvss3_meta_tempscore5.25.2
cvss3_vuldb_basescore4.34.3
cvss3_vuldb_tempscore4.34.3
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_prNN
cvss3_vuldb_uiRR
cvss3_vuldb_sUU
cvss3_vuldb_cNN
cvss3_vuldb_iLL
cvss3_vuldb_aNN
cvss3_nvd_avNN
cvss3_nvd_acLL
cvss3_nvd_prNN
cvss3_nvd_uiRR
cvss3_nvd_sCC
cvss3_nvd_cLL
cvss3_nvd_iLL
cvss3_nvd_aNN
date1486166400 (02/04/2017)1486166400 (02/04/2017)
urlhttp://www.securityfocus.com/bid/96038http://www.securityfocus.com/bid/96038
price_0day$0-$5k$0-$5k
cveCVE-2017-5882CVE-2017-5882
cve_nvd_published14861664001486166400
cve_nvd_summaryCross-site scripting (XSS) vulnerability in index.asp in SANADATA SanaCMS 7.3 allows remote attackers to inject arbitrary web script or HTML via the search parameter.Cross-site scripting (XSS) vulnerability in index.asp in SANADATA SanaCMS 7.3 allows remote attackers to inject arbitrary web script or HTML via the search parameter.
securityfocus9603896038
securityfocus_titleSanaCMS CVE-2017-5882 Cross Site Scripting VulnerabilitySanaCMS CVE-2017-5882 Cross Site Scripting Vulnerability
locationWebsiteWebsite
cvss2_vuldb_eNDND
cvss2_vuldb_rlNDND
cvss2_vuldb_rcNDND
cvss3_vuldb_eXX
cvss3_vuldb_rlXX
cvss3_vuldb_rcXX
cvss3_nvd_basescore6.16.1
discoverydate1486252800
cve_assigned1486166400
osvdb_titleCVE-2017-5882 - SANADATA - SanaCMS - Cross-Site Scripting Issue
securityfocus_date1486166400 (02/04/2017)
securityfocus_classInput Validation Error

Want to stay up to date on a daily basis?

Enable the mail alert feature now!