Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2017-5870

🗓️ 23 May 2017 03:56:00Reported by mitreType 
cve
 cve🔗 web.nvd.nist.gov👁 62 Views🌐 WEB

Multiple XSS vulnerabilities in ViMbAdmin 3.0.15 allow remote attackers to inject arbitrary web script or HTML

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
CNVD		Open Source Solutions ViMbAdmin Cross-Site Scripting Vulnerability
24 May 201700:00
cnvd
Cvelist		CVE-2017-5870
23 May 201703:56
cvelist
EUVD		EUVD-2022-4380
3 Oct 202520:07
euvd
Github Security Blog		ViMbAdmin Cross-site Scripting Vulnerabilities
17 May 202202:43
github
NVD		CVE-2017-5870
23 May 201704:29
nvd
OpenVAS		ViMbAdmin Multiple Vulnerabilities
14 Jun 201700:00
openvas
OSV		CVE-2017-5870
23 May 201704:29
osv
OSV		GHSA-JJ4J-CWGQ-FX7G ViMbAdmin Cross-site Scripting Vulnerabilities
17 May 202202:43
osv
Packet Storm		ViMbAdmin 3.0.15 Cross Site Scripting
5 May 201700:00
packetstorm
Prion		Cross site scripting
23 May 201704:29
prion
Rows per page
NVD
Node
vimbadminvimbadminMatch3.0.15
ParameterPositionPathDescriptionCWE
domainrequest bodydomain/addStored XSS via domain and transport parameters in domain/add.CWE-79
transportrequest bodydomain/addStored XSS via domain and transport parameters in domain/add.CWE-79
local_partrequest bodymailbox/add/did/<domain id>Stored XSS via name parameter in mailbox/add/did/<domain id>.CWE-79
domainrequest bodymailbox/add/did/<domain id>Stored XSS via name parameter in mailbox/add/did/<domain id>.CWE-79
namerequest bodymailbox/add/did/<domain id>Stored XSS via name parameter in mailbox/add/did/<domain id>.CWE-79
passwordrequest bodymailbox/add/did/<domain id>Stored XSS via name parameter in mailbox/add/did/<domain id>.CWE-79
quotarequest bodymailbox/add/did/<domain id>Stored XSS via name parameter in mailbox/add/did/<domain id>.CWE-79
alt_emailrequest bodymailbox/add/did/<domain id>Stored XSS via name parameter in mailbox/add/did/<domain id>.CWE-79
cc_welcome_emailrequest bodymailbox/add/did/<domain id>Stored XSS via name parameter in mailbox/add/did/<domain id>.CWE-79
local_partrequest bodyalias/add/did/<domain id>Stored XSS via goto parameter in alias/add/did/<domain id>.CWE-79
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
13 May 2026 00:24Current
5.6Medium risk
Vulners AI Score5.6
CVSS 23.5
CVSS 35.4
EPSS0.00138
CWE-79
xssvimbadminsecurity vulnerabilitycve-2017-5870nvd
62