CVE-2017-8044

2017-11-2710:00:00

dell

www.cve.org

0.001 Low

EPSS

Percentile

32.9%

JSON

In Pivotal Single Sign-On for PCF (1.3.x versions prior to 1.3.4 and 1.4.x versions prior to 1.4.3), certain pages allow code to be injected into the DOM environment through query parameters, leading to XSS attacks.

CNA Affected

[
  {
    "product": "Single Sign-On for PCF 1.3.x versions prior to 1.3.4 and 1.4.x versions prior to 1.4.3",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Single Sign-On for PCF 1.3.x versions prior to 1.3.4 and 1.4.x versions prior to 1.4.3"
      }
    ]
  }
]

References

www.securityfocus.com/bid/100618

pivotal.io/security/cve-2017-8044

0.001 Low

EPSS

Percentile

32.9%

JSON

Related for CVELIST:CVE-2017-8044