2 matches found
baike.com XSS vulnerability
Vulnerable URL: http://www.baike.com/docClaimApply.do?action=showClaimDocApply=adya4cz%22onfocus%3d%22alert%28/OPENBUGBOUNTY/%29%22autofocus%3d%22rbo8n Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly...
Fixed in Apache Tomcat 9.0.0.M18
Low: Information Disclosure CVE-2017-5648 While investigating bug 60718, it was noticed that some calls to application listeners did not use the appropriate facade object. When running an untrusted application under a SecurityManager, it was therefore possible for that untrusted application to...