CVE-2017-10711 - CERT CVE

  1. CVE-2017-10711

ID CVE-2017-10711
Sažetak In SimpleRisk 20170614-001, a CSRF attack on reset.php (aka the Send Password Reset Email form) can insert XSS sequences via the user parameter.
Reference
CVSS
Base: 4.3
Impact: 2.9
Exploitability:8.6
Pristup
VektorSloženostAutentikacija
NETWORK MEDIUM NONE
Impact
PovjerljivostCjelovitostDostupnost
NONE PARTIAL NONE
CVSS vektor AV:N/AC:M/Au:N/C:N/I:P/A:N
Zadnje važnije ažuriranje 10-08-2017 - 15:31
Objavljeno 24-07-2017 - 13:29