Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormAli AbdollahiPACKETSTORM:149823
HistoryOct 16, 2018 - 12:00 a.m.

HighPortal 12.5 Cross Site Scripting

2018-10-1600:00:00
Ali Abdollahi
packetstormsecurity.com
28

0.012 Low

EPSS

Percentile

85.1%

JSON
`Vulnerable Product: HighPortal  
Affected version: 12.5  
Vulnerability Type: XSS  
CVE: CVE-2018-17964  
  
  
CWE: CWE-79  
Credit: Ali Abdollahi  
Remote: Yes  
Description:XSS vulnerability on Aryanic HighPortal version 12.5 via an Add Tags action.Contact: https://twitter.com/aliabdollahi2  
  
References: - https://example.com/directory.php?id=51622199%3Cscript%3Ealert(1)%3C/script%3E&page=something.php- http://i63.tinypic.com/30mofax.png  
  
`

Related

prion 2
cvelist 2
cve 2
nvd 2
zdi 1
zdt 1
openvas 1
prion
prion
Design/Logic Flaw
2019-01-24 04:29:00
Deserialization of untrusted data
2018-10-17 14:29:00
cvelist
cvelist
CVE-2018-17964
2018-10-17 14:00:00
CVE-2018-17694
2019-01-24 04:00:00
cve
cve
CVE-2018-17964
2018-10-17 14:29:01
CVE-2018-17694
2019-01-24 04:29:04
nvd
nvd
CVE-2018-17964
2018-10-17 14:29:01
CVE-2018-17694
2019-01-24 04:29:04
zdi
zdi
Foxit PhantomPDF display Use-After-Free Remote Code Execution Vulnerability
2018-10-11 00:00:00
zdt
zdt
HighPortal 12.5 Cross Site Scripting Vulnerability
2018-10-16 00:00:00
openvas
openvas
Foxit PhantomPDF < 8.3.8, 9.x < 9.3 Multiple Vulnerabilities (Jun 2019) - Windows
2019-06-28 00:00:00

0.012 Low

EPSS

Percentile

85.1%

JSON
Related for PACKETSTORM:149823
prion2cvelist2cve2nvd2zdi1zdt1openvas1