NVD

Id
82262  
Name
CVE-2017-5960  
Description
An issue was discovered in Phalcon Eye through 0.4.1. The vulnerability exists due to insufficient filtration of user-supplied data in multiple HTTP GET parameters passed to the phalconeye-master/public/external/pydio/plugins/editor.webodf/frame.php URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-03-18  
Published
2017-02-11  
Modified Date
2017-03-01  
Seq
2017-5960  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
406245 82262 CVE-2016-2517 http://support.ntp.org/bin/view/Main/NtpBug3010  View
406246 82262 CVE-2016-2517 88189  View
406247 82262 CVE-2016-2517 VU#718152  View
406794 82262 CVE-2017-2975 https://helpx.adobe.com/security/products/Digital-Editions/apsb17-05.html  View
406795 82262 CVE-2017-2975 https://helpx.adobe.com/security/products/Digital-Editions/apsb17-05.html  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
65382 JVNDB-2017-001745 Phalcon Eye における任意の HTML およびスクリプトコードを実行される脆弱性 Phalcon Eye には、脆弱な Web サイトのコンテキスト内のブラウザで任意の HTML およびスクリプトコードを実行される脆弱性が存在します。 CVE-2017-5960 CVE-2017-5960 82262 4.3 6.1 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-001745.html 2017-02-10 2017-03-16 View