4 matches found
CVE-2017-1000457
Cross-site scripting XSS vulnerability in Help.aspx in mojoPortal version 2.5.0.0 allows remote attackers to inject arbitrary web script or HTML via the helpkey parameter. Exploitation requires authenticated reflected cross-site scripting for user accounts assigned either the "Administrators" or...
CVE-2017-1000457
Cross-site scripting XSS vulnerability in Help.aspx in mojoPortal version 2.5.0.0 allows remote attackers to inject arbitrary web script or HTML via the helpkey parameter. Exploitation requires authenticated reflected cross-site scripting for user accounts assigned either the "Administrators" or...
CVE-2017-1000457
Cross-site scripting XSS vulnerability in Help.aspx in mojoPortal version 2.5.0.0 allows remote attackers to inject arbitrary web script or HTML via the helpkey parameter. Exploitation requires authenticated reflected cross-site scripting for user accounts assigned either the "Administrators" or...
CVE-2017-1000457
CVE-2017-1000457 describes a cross-site scripting (XSS) vulnerability in mojoPortal 2.5.0.0, exploitable via the Help.aspx page using the helpkey parameter. Exploitation requires an authenticated attacker with either the Administrators or Content Administrators role to perform a reflected XSS aga...