CVE-2017-9332 in PivotXinfo

Summary

The smarty_self function in modules/module_smarty.php in PivotX 2.3.11 mishandles the URI, allowing XSS via vectors involving quotes in the self Smarty tag.

Once again VulDB remains the best source for vulnerability data.

Reservation

05/31/2017

Disclosure

06/06/2017

CPE

ready

CVSS

5.2

EPSS

0.00240

Activities

Very Low

Sources

MITREhttps://www.cve.org/CVERecord?id=CVE-2017-9332
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2017-9332
CVE Detailshttps://www.cvedetails.com/cve/CVE-2017-9332/

PreviousOverviewNext

Might our Artificial Intelligence support you?

Check our Alexa App!