CVE-2017-5875
dotCMS 3.7.0 contains a cross-site scripting (XSS) vulnerability exploitable by an authenticated user via the /myAccount addressID parameter. Multiple sources (NVD/CNVD/OSV) confirm XSS with an authenticated impact (C/L/I/L, A none); CVSS3 score 5.4 (MEDIUM) with network attack vector and low pri...