CVE-2017-7463 in JBoss BRMSinformación

Resumen

por MITRE

JBoss BRMS 6 and BPM Suite 6 before 6.4.3 are vulnerable to a reflected XSS via artifact upload. A malformed XML file, if uploaded, causes an error message to appear that includes part of the bad XML code verbatim without filtering out scripts. Successful exploitation would allow execution of script code within the context of the affected user.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

Red Hat, Inc.

Reservar

2017-04-05

Divulgación

2018-07-27

Moderación

aceptado

Artículo

VDB-122294

CPE

listo

CWE

CWE-79 (confirmado)

CVSS

6.1 (NVD)

EPSS

0.00655

KEV

Actividades

muy bajo

Sector

Police, Industry, ...

Fuentes

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-7463
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-7463
CVE Details	https://www.cvedetails.com/cve/CVE-2017-7463/

◂ Anterior Visión De Conjunto Próximo ▸

Interested in the pricing of exploits?

See the underground prices here!