Lucene search
MitreCVELIST:CVE-2017-14921HistorySep 29, 2017 - 7:00 a.m.
CVE-2017-14921
2017-09-2907:00:00
mitre
www.cve.org
0.001 Low
EPSS
Percentile
40.0%
Stored XSS vulnerability via IMG element at βFilenameβ of Filemanager in Tine 2.0 Community Edition before 2017.08.4 allows an authenticated user to inject JavaScript, which is mishandled during rendering by the application administrator and other users.
References
openwall.com/lists/oss-security/2017/09/28/11
github.com/tine20/Tine-2.0-Open-Source-Groupware-and-CRM/commit/146c5aaafd826c1c8990333c393bff6f64c90786
github.com/tine20/Tine-2.0-Open-Source-Groupware-and-CRM/commit/24e39e1e930097b8793a03b8864d3c484ede546b
github.com/tine20/Tine-2.0-Open-Source-Groupware-and-CRM/commit/bc8a6fbd3128cf5ef27d808f6c6ba869fdc2262b
github.com/tine20/Tine-2.0-Open-Source-Groupware-and-CRM/releases
Related
osv
osv
CVE-2017-14921
2017-09-30 01:29:01
cve
cve
CVE-2017-14921
2017-09-30 01:29:01
prion
prion
Cross site scripting
2017-09-30 01:29:00
nvd
nvd
CVE-2017-14921
2017-09-30 01:29:01