2 matches found
CVE-2017-5882
SANADATA SanaCMS 7.3 has an XSS vulnerability in index.asp exploitable via the search parameter. The root cause is reflected script execution from user-supplied input, enabling remote attackers to inject arbitrary web script or HTML. The connected documents confirm the affected product/version an...
CVE-2017-6518
CVE-2017-6518 is a Cross-site scripting (XSS) vulnerability in SANADATA SanaCMS 7.3, exploitable via the txtFrom parameter in /sanadata/seo/index.asp. The affected component is SanaCMS 7.3; the root cause is improper handling of user-supplied input leading to script/HTML injection. Impact describ...