Skip to main content

Rise Ultimate Project Manager CVE-2017-11182

MEDIUM
Cross-site Scripting (XSS) (CWE-79)
2017-07-12 cve@mitre.org
5.4
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
5.4 MEDIUM
AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

1
CVE Published
Jul 12, 2017 - 00:29 cve.org
MEDIUM 5.4

DescriptionCVE.org

In Rise Ultimate Project Manager v1.8, XSS vulnerabilities were found in the My Profile section. All input fields are vulnerable.

AnalysisAI

In Rise Ultimate Project Manager v1.8, XSS vulnerabilities were found in the My Profile section. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Cross-Site Scripting (XSS) (CWE-79), which allows attackers to inject malicious scripts into web pages viewed by other users. In Rise Ultimate Project Manager v1.8, XSS vulnerabilities were found in the My Profile section. All input fields are vulnerable. Affected products include: Fairsketch Rise Ultimate Project Manager.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Sanitize all user input, use Content-Security-Policy headers, encode output contextually (HTML, JS, URL). Use frameworks with built-in XSS protection.

CVE-2019-18884 HIGH POC
8.8 Nov 13

index.php/team_members/add_team_member in RISE Ultimate Project Manager 2.3 has CSRF for adding authorized users. Rated

CVE-2025-60378 HIGH POC
8.1 Oct 10

Stored HTML/script injection in RISE Ultimate Project Manager & CRM (vendor fairsketch) lets authenticated low-privilege

CVE-2025-63293 MEDIUM POC
6.5 Nov 03

FairSketch Rise Ultimate Project Manager & CRM 3.9.4 is vulnerable to Insecure Permissions. Rated medium severity (CVSS

CVE-2025-56807 MEDIUM POC
6.1 Sep 29

A cross-site scripting (XSS) vulnerability in FairSketch RISE Ultimate Project Manager & CRM 3.9.4 allows an administrat

CVE-2025-3855 MEDIUM POC
5.3 Apr 22

A vulnerability was found in CodeCanyon RISE Ultimate Project Manager 3.8.2 and classified as problematic. Rated medium

CVE-2024-8945 MEDIUM POC
5.3 Sep 17

A vulnerability has been found in CodeCanyon RISE Ultimate Project Manager 3.7.0 and classified as critical. Rated mediu

CVE-2024-0545 MEDIUM
6.9 Jan 15

A vulnerability classified as problematic was found in CodeCanyon RISE Ultimate Project Manager 3.5.3. Rated medium seve

CVE-2017-11181 MEDIUM
5.4 Jul 12

In Rise Ultimate Project Manager v1.8, XSS vulnerabilities were found in the Messaging section. Rated medium severity (C

CVE-2025-41106 MEDIUM
5.1 Nov 11

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection du

CVE-2025-41105 MEDIUM
5.1 Nov 11

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection du

CVE-2025-41104 MEDIUM
5.1 Nov 11

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection du

CVE-2025-41103 MEDIUM
5.1 Nov 11

HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection du

Share

CVE-2017-11182 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy