CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

3 matches found

Prion•added 2017/11/18 1:29 p.m.•9 views

Memory corruption

b3log Symphony aka Sym 2.2.0 does not properly address XSS in JSON objects, as demonstrated by a crafted userAvatarURL value to /settings/avatar, related to processor/AdminProcessor.java, processor/ArticleProcessor.java, processor/UserProcessor.java, service/ArticleQueryService.java,...

4.3CVSS5.9AI score0.0024EPSS

Exploits1References1Affected Software1

NVD•added 2017/11/18 1:29 p.m.•7 views

CVE-2017-16881

b3log Symphony aka Sym 2.2.0 does not properly address XSS in JSON objects, as demonstrated by a crafted userAvatarURL value to /settings/avatar, related to processor/AdminProcessor.java, processor/ArticleProcessor.java, processor/UserProcessor.java, service/ArticleQueryService.java,...

6.1CVSS6AI score0.0024EPSS

Exploits1References1

Cvelist•added 2017/11/18 1:0 p.m.•10 views

CVE-2017-16881

b3log Symphony aka Sym 2.2.0 does not properly address XSS in JSON objects, as demonstrated by a crafted userAvatarURL value to /settings/avatar, related to processor/AdminProcessor.java, processor/ArticleProcessor.java, processor/UserProcessor.java, service/ArticleQueryService.java,...

6AI score0.0024EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by