2 matches found
CVE-2017-6538
A Cross-Site Scripting XSS issue was discovered in webpagetest 3.0. The vulnerability exists due to insufficient filtration of user-supplied data video passed to the webpagetest-master/www/speedindex/index.php URL. An attacker could execute arbitrary HTML and script code in a browser in the conte...
CVE-2017-6538
CVE-2017-6538 concerns an XSS vulnerability in webpagetest 3.0 where user-supplied data (video) passed to webpagetest-master/www/speedindex/index.php is not properly filtered, allowing an attacker to inject arbitrary HTML/JavaScript in the victim’s browser. The issue is triggered via insufficient...