CVE-2016-4875 in Geekloginformation

Résumé

par MITRE

Multiple cross-site scripting (XSS) vulnerabilities in the IVYWE (1) Assist plugin before 1.1.2.test20160906, (2) dataBox plugin before 0.0.0.20160906, and (3) userBox plugin before 0.0.0.20160906 for Geeklog allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Réserver

17/05/2016

Divulgation

14/04/2017

Modérer

accepté

Entrée

VDB-99880

CPE

prêt

CWE

CWE-79 (confirmé)

CVSS

6.1 (NVD)

EPSS

0.00601

KEV

non

Activités

très faible

Secteur

Education

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-4875
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-4875
CVE Details	https://www.cvedetails.com/cve/CVE-2016-4875/

◂ Précédent Aperçu Suivant ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!