Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:55 a.m.9 views

CVE-2017-15214

Stored XSS vulnerability in Flyspray 1.0-rc4 before 1.0-rc6 allows an authenticated user to inject JavaScript to gain administrator privileges and also to execute JavaScript against other users including unauthenticated users, via the name, title, or id parameter to...

5.4CVSS6.2AI score0.00863EPSS
Exploits0References1
OSV
OSV
added 2017/10/11 1:32 a.m.16 views

CVE-2017-15214

Stored XSS vulnerability in Flyspray 1.0-rc4 before 1.0-rc6 allows an authenticated user to inject JavaScript to gain administrator privileges and also to execute JavaScript against other users including unauthenticated users, via the name, title, or id parameter to...

5.4CVSS6.1AI score
Exploits0References3
NVD
NVD
added 2017/10/11 1:32 a.m.15 views

CVE-2017-15214

Stored XSS vulnerability in Flyspray 1.0-rc4 before 1.0-rc6 allows an authenticated user to inject JavaScript to gain administrator privileges and also to execute JavaScript against other users including unauthenticated users, via the name, title, or id parameter to...

5.4CVSS5.5AI score0.00863EPSS
Exploits0References3
Prion
Prion
added 2017/10/11 1:32 a.m.10 views

Cross site scripting

Stored XSS vulnerability in Flyspray 1.0-rc4 before 1.0-rc6 allows an authenticated user to inject JavaScript to gain administrator privileges and also to execute JavaScript against other users including unauthenticated users, via the name, title, or id parameter to...

3.5CVSS5.5AI score0.00863EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/10/10 5:0 a.m.22 views

CVE-2017-15214

Stored XSS vulnerability in Flyspray 1.0-rc4 before 1.0-rc6 allows an authenticated user to inject JavaScript to gain administrator privileges and also to execute JavaScript against other users including unauthenticated users, via the name, title, or id parameter to...

5.5AI score0.00863EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2017/04/26 12:0 a.m.41 views

Flyspray 1.0-rc4 Cross Site Scripting

HTTPCS Advisory : HTTPCS160 Product : Flyspray Version : 1.0-rc4 Date : 2017-04-24 Criticality level : Less Critical Description : A vulnerability has been discovered in Flyspray , which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the 'realname'...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2017/04/25 12:0 a.m.18 views

FlySpray 1.0-rc4 - Cross-Site Scripting Cross-Site Request Forgery

FlySpray 1.0-rc4 - Cross-Site Scripting Cross-Site Request Forgery Exploit Title: XSRF Stored FlySpray 1.0-rc4 XSS2CSRF add admin account Date: 19/04/2017 Exploit Author: Cyril Vallicari / HTTPCS / ZIWIT : https://www.openoffice.org Version: 1.0-rc4 Tested on: Windows 7 x64 SP1 / Kali Linux...

0.7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/04/25 12:0 a.m.38 views

FlySpray 1.0-rc4 - Cross-Site Scripting / Cross-Site Request Forgery

Exploit Title: XSRF Stored FlySpray 1.0-rc4 XSS2CSRF add admin account Date: 19/04/2017 Exploit Author: Cyril Vallicari / HTTPCS / ZIWIT : https://www.openoffice.org Version: 1.0-rc4 Tested on: Windows 7 x64 SP1 / Kali Linux Description : A vulnerability has been discovered in Flyspray , which ca...

7AI score
Exploits0
Rows per page
Query Builder