NVD
- Id
- 85937
- Name
- CVE-2017-5870
- Description
- Multiple cross-site scripting (XSS) vulnerabilities in ViMbAdmin 3.0.15 allow remote attackers to inject arbitrary web script or HTML via the (1) domain or (2) transport parameter to domain/add; the (3) name parameter to mailbox/add/did/<domain id>; the (4) goto parameter to alias/add/did/<domain id>; or the (5) captchatext parameter to auth/lost-password.
- Reject
- CVSS Version
- 2
- CVSS Score
- 3.5
- Severity
- Low
- CVSS Base Score
- 3.5
- CVSS Impact Subscore
- 2.9
- CVSS Exploit Subscore
- 6.8
- CVSS Vector
- (AV:N/AC:M/Au:S/C:N/I:P/A:N)
- Pub Date
- 2017-06-03
- Published
- 2017-05-23
- Modified Date
- 2017-06-01
- Seq
- 2017-5870
