CVE-2017-11666

2022-10-0316:23:04

mitre

www.cve.org

cross-site scripting

kopano webapp

cve-2017-11666

viewerpanel.js

previewer plugin

remote attackers

web script

html

previewable file

0.001 Low

EPSS

Percentile

42.7%

JSON

Cross-site scripting (XSS) vulnerability in js/ViewerPanel.js in the file previewer plugin in Kopano WebApp versions 3.3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via a specially crafted previewable file.

References

stash.kopano.io/projects/KWA/repos/filepreviewer/commits/85d2b5c2d27f461bba12e9491fcc4b0d8fde771a

0.001 Low

EPSS

Percentile

42.7%

JSON

Related for CVELIST:CVE-2017-11666