CVE-2017-7463 in JBoss BRMSinformação

Sumário

de MITRE

JBoss BRMS 6 and BPM Suite 6 before 6.4.3 are vulnerable to a reflected XSS via artifact upload. A malformed XML file, if uploaded, causes an error message to appear that includes part of the bad XML code verbatim without filtering out scripts. Successful exploitation would allow execution of script code within the context of the affected user.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

Red Hat, Inc.

Reservar

05/04/2017

Divulgação

27/07/2018

Moderação

aceite

Entrada

VDB-122294

CPE

pronto

CWE

CWE-79 (confirmado)

CVSS

6.1 (NVD)

EPSS

0.00655

KEV

não

Atividades

muito baixo

Sector

Pharma, Education, ...

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-7463
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-7463
CVE Details	https://www.cvedetails.com/cve/CVE-2017-7463/

◂ Voltar Visão Geral Próximo ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!