CVE-2017-18286
CVE-2017-18286 affects nZEDb v0.7.3.3, with a Cross‑Site Scripting (XSS) flaw on the 404 error page caused by inadequate input filtering in the 404 page rendering. This can allow an attacker to inject arbitrary script in the victim’s browser through the URL. Several sources corroborate the XSS is...