3 matches found
CVE-2017-8920
irc.cgi in CGI:IRC before 0.5.12 reflects user-supplied input from the R parameter without proper output encoding, aka XSS...
CVE-2017-9422
CVE-2017-8920 (CGI:IRC) affects irc.cgi before 0.5.12; it reflects user-supplied input from the R parameter without proper output encoding, enabling XSS. This CVE-8920 detail is the active vulnerability; CVE-2017-9422 is a reservation duplicate and not used. Remedy: upgrade CGI:IRC to 0.5.12 or l...
CVE-2017-8920
CVE-2017-8920 affects CGI:IRC’s irc.cgi prior to version 0.5.12, where input from the R parameter is not properly output encoded, enabling a cross-site scripting (XSS) vector. Public sources (NVD/CNVD/OSV) describe this XSS vulnerability and reference CGI:IRC before 0.5.12. Affected component: ir...