CVE-2017-8892
CVE-2017-8892 describes a cross-site scripting (XSS) vulnerability in OpenText Tempo Box 10.0.3 where an attacker can persistently inject arbitrary web script or HTML via the name of an uploaded image. The issue is documented across multiple feeds (NVD/Red Hat/CNVD/CVE listing) with both CVSS2 (4...