Lucene search
MitreCVELIST:CVE-2017-14923HistorySep 29, 2017 - 7:00 a.m.
CVE-2017-14923
2017-09-2907:00:00
mitre
www.cve.org
0.001 Low
EPSS
Percentile
40.0%
Stored XSS vulnerability via IMG element at βLeadnameβ of CRM in Tine 2.0 Community Edition before 2017.08.4 allows an authenticated user to inject JavaScript, which is mishandled during rendering by the application administrator and other users.
References
openwall.com/lists/oss-security/2017/09/28/11
github.com/tine20/Tine-2.0-Open-Source-Groupware-and-CRM/commit/146c5aaafd826c1c8990333c393bff6f64c90786
github.com/tine20/Tine-2.0-Open-Source-Groupware-and-CRM/commit/24e39e1e930097b8793a03b8864d3c484ede546b
github.com/tine20/Tine-2.0-Open-Source-Groupware-and-CRM/commit/bc8a6fbd3128cf5ef27d808f6c6ba869fdc2262b
github.com/tine20/Tine-2.0-Open-Source-Groupware-and-CRM/releases
Related
osv
osv
CVE-2017-14923
2017-09-30 01:29:01
prion
prion
Cross site scripting
2017-09-30 01:29:00
nvd
nvd
CVE-2017-14923
2017-09-30 01:29:01
cve
cve
CVE-2017-14923
2017-09-30 01:29:01