CVE-2017-20057 in Elefantinfo

Summary

by MITRE • 06/20/2022

A vulnerability classified as problematic has been found in Elefant CMS 1.3.12-RC. Affected is an unknown function. The manipulation of the argument username leads to basic cross site scripting (Persistent). It is possible to launch the attack remotely. Upgrading to version 1.3.13 is able to address this issue. It is recommended to upgrade the affected component.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsible

VulDB

Disclosure

06/20/2022

Moderation

accepted

Entry

VDB-97254

CPE

ready

CWE

CWE-80 (confirmed)

CVSS

4.3 (VulDB)

EPSS

0.00240

KEV

Activities

very low

Sector

Hostingprovider, Agriculture, ...

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-20057
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-20057
CVE Details	https://www.cvedetails.com/cve/CVE-2017-20057/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!