CVE-2017-17086

2017-12-0108:00:00

mitre

www.cve.org

AI Score

9.8

Confidence

High

EPSS

0.005

Percentile

76.0%

JSON

Indeo Otter through 1.7.4 mishandles a “</script>” substring in an initial DP payload, which allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact, as demonstrated by the Plan Editor.

References

inedo.myjetbrains.com/youtrack/issue/ILIB-11