NVD

Id
83839  
Name
CVE-2017-7242  
Description
Multiple Cross-Site Scripting (XSS) were discovered in admin/modules components in SLiMS 7 Cendana through 2017-03-23: the keywords parameter to bibliography/checkout_item.php, bibliography/dl_print.php, bibliography/item.php, bibliography/item_barcode_generator.php, bibliography/printed_card.php, circulation/loan_rules.php, master_file/author.php, master_file/coll_type.php, and master_file/doc_language.php and the quickReturnID field to circulation/ajax_action.php.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-03-29  
Published
2017-03-23  
Modified Date
2017-03-28  
Seq
2017-7242  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
411776 83839 CVE-2017-5666 95908  View
411777 83839 CVE-2017-5666 https://blogs.gentoo.org/ago/2017/01/29/mp3splt-invalid-free-in-free_options-options_manager-c/  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
66381 JVNDB-2017-002719 SLiMS 7 Cendana におけるクロスサイトスクリプティングの脆弱性 SLiMS 7 Cendana には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2017-7242 0 CVE-2017-7242 83839 4.3 6.1 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-002719.html 2017-03-23 2017-04-26 View