2 matches found
CVE-2017-17431
GeniXCMS 1.1.5 has XSS via the from, id, lang, menuid, mod, q, status, term, to, or token parameter. NOTE: this might overlap CVE-2017-14761, CVE-2017-14762, or CVE-2017-14765...
CVE-2017-17431
GeniXCMS 1.1.5 is vulnerable to cross-site scripting (XSS) via multiple input parameters (from, id, lang, menuid, mod, q, status, term, to, or token). The CVE note indicates potential overlap with CVE-2017-14761/62/65. Connected advisories corroborate XSS in GeniXCMS 1.1.4/1.1.5 (e.g., via id par...