3 matches found
CVE-2017-5494
Multiple cross-site scripting XSS vulnerabilities in the file types table in b2evolution through 6.8.3 allow remote authenticated users to inject arbitrary web script or HTML via a .swf file in a 1 comment frame or 2 avatar frame...
CVE-2017-5494
CVE-2017-5494 affects b2evolution before 6.8.3. Multiple XSS vulnerabilities exist in the file types table, enabling remote authenticated users to inject arbitrary web script or HTML via a .swf file in either the comment frame or the avatar frame. Documents consistently describe the affected comp...
CVE-2017-5494
Multiple cross-site scripting XSS vulnerabilities in the file types table in b2evolution through 6.8.3 allow remote authenticated users to inject arbitrary web script or HTML via a .swf file in a 1 comment frame or 2 avatar frame...