Lucene search

K

CVE-2017-15717

🗓️ 10 Jan 2018 14:00:29Reported by apacheType 
cve
 cve
🔗 web.nvd.nist.gov👁 54 Views

A flaw in URL encoding in Apache Sling XSS Protection APIs, allowing XSS payloads. Affected versions: 1.0.4 to 1.0.18, 1.1.0, 2.0.0

Show more
Related
Detection
Affected
Refs
ReporterTitlePublishedViews
Family
OSV
Cross-site Scripting in Apache Sling XSS Protection API
14 May 202203:46
osv
OSV
CVE-2017-15717
10 Jan 201814:29
osv
Github Security Blog
Cross-site Scripting in Apache Sling XSS Protection API
14 May 202203:46
github
Cvelist
CVE-2017-15717
10 Jan 201814:00
cvelist
Prion
Code injection
10 Jan 201814:29
prion
Veracode
Cross-site Scripting (XSS)
11 Jan 201805:40
veracode
NVD
CVE-2017-15717
10 Jan 201814:29
nvd
Nvd
Vulners
[
  {
    "product": "Apache Sling",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "status": "affected",
        "version": "XSS Protection API 1.0.4 to 1.0.18"
      },
      {
        "status": "affected",
        "version": "XSS Protection API Compat 1.1.0"
      },
      {
        "status": "affected",
        "version": "XSS Protection API 2.0.0"
      }
    ]
  }
]

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
10 Jan 2018 14:29Current
5.8Medium risk
Vulners AI Score5.8
CVSS24.3
CVSS36.1
EPSS0.002
54
.json
Report