Lucene search
K

5 matches found

Github Security Blog
Github Security Blog
added 2022/05/17 2:51 a.m.17 views

Magmi XSS Vulnerability

A Cross-Site Scripting XSS was discovered in Magmi 0.7.22. The vulnerability exists due to insufficient filtration of user-supplied data prefix passed to the magmi-git-master/magmi/web/ajaxgettime.php URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the...

6.1CVSS6.2AI score0.08173EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2017/04/01 2:59 a.m.18 views

CVE-2017-7391

A Cross-Site Scripting XSS was discovered in 'Magmi 0.7.22'. The vulnerability exists due to insufficient filtration of user-supplied data prefix passed to the 'magmi-git-master/magmi/web/ajaxgettime.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the context of...

6.1CVSS5.8AI score
Exploits0References3
Prion
Prion
added 2017/04/01 2:59 a.m.16 views

Cross site scripting

A Cross-Site Scripting XSS was discovered in 'Magmi 0.7.22'. The vulnerability exists due to insufficient filtration of user-supplied data prefix passed to the 'magmi-git-master/magmi/web/ajaxgettime.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the context of...

4.3CVSS5.8AI score0.08173EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2017/04/01 1:7 a.m.78 views

CVE-2017-7391

Magmi 0.7.22 contains a Cross-Site Scripting (XSS) vulnerability due to insufficient filtration of the prefix parameter passed to magmi-git-master/magmi/web/ajax_gettime.php. Exploitation could allow arbitrary HTML/JavaScript execution in a victim’s browser. Remediation is to upgrade to a patched...

6.1CVSS5.8AI score0.08173EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/04/01 1:7 a.m.34 views

CVE-2017-7391

A Cross-Site Scripting XSS was discovered in 'Magmi 0.7.22'. The vulnerability exists due to insufficient filtration of user-supplied data prefix passed to the 'magmi-git-master/magmi/web/ajaxgettime.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the context of...

5.8AI score0.08173EPSS
Exploits0References3
Rows per page
Query Builder