Lucene search
MitreCVELIST:CVE-2017-9451HistoryJun 06, 2017 - 4:00 p.m.
CVE-2017-9451
2017-06-0616:00:00
mitre
www.cve.org
0.001 Low
EPSS
Percentile
47.4%
Cross site scripting (XSS) vulnerability in pages.edit_form.php in flatCore 1.4.6 allows remote attackers to inject arbitrary JavaScript via the PATH_INFO in an acp.php URL, due to use of unsanitized $_SERVER[‘PHP_SELF’] to generate URLs.
Related
cve
cve
CVE-2017-9451
2017-06-06 16:29:00
prion
prion
Cross site scripting
2017-06-06 16:29:00
osv
osv
CVE-2017-9451
2017-06-06 16:29:00
nvd
nvd
CVE-2017-9451
2017-06-06 16:29:00