Skip to main content
CVE-2017-5882 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in index.asp in SANADATA SanaCMS 7.3 allows remote attackers to inject arbitrary web script or HTML via the search parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Sanacms
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2017-5880 MEDIUM PATCH This Month

Splunk Web in Splunk Enterprise versions 6.5.x before 6.5.2, 6.4.x before 6.4.5, 6.3.x before 6.3.9, 6.2.x before 6.2.13, 6.1.x before 6.1.12, 6.0.x before 6.0.13, 5.0.x before 5.0.17 and Splunk. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Splunk
NVD
CVSS 3.0
6.5
EPSS
0.6%
CVE-2016-7147 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the manage_findResult component in the search feature in Zope ZMI in Plone before 4.3.12 and 5.x before 5.0.7 allows remote attackers to inject arbitrary. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Plone
NVD
CVSS 3.0
6.1
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy