Lucene search
MitreCVELIST:CVE-2017-18176HistoryOct 03, 2022 - 4:23 p.m.
CVE-2017-18176
2022-10-0316:23:15
mitre
www.cve.org
progress sitefinity
xss
file upload
javascript
html
same origin
application code
cve-2017-18176
fixed
0.001 Low
EPSS
Percentile
34.6%
Progress Sitefinity 9.1 has XSS via file upload, because JavaScript code in an HTML file has the same origin as the applicationβs own code. This is fixed in 10.1.
Related
prion
prion
Default credentials
2018-02-12 14:29:00
cve
cve
CVE-2017-18176
2022-10-03 16:23:15
nvd
nvd
CVE-2017-18176
2018-02-12 14:29:00
openvas
openvas
Progress Sitefinity < 10.1 Multiple Vulnerabilities (Feb 2018)
2018-02-13 00:00:00