CVE-2017-6393

NagVis/nagvis

on GitHub

Published

Mar 2, 2017

Severity

CVSS v3:

6.1 MEDIUM

CVSS v2:

4.3 MEDIUM

Description

An issue was discovered in NagVis 1.9b12. The vulnerability exists due to insufficient filtration of user-supplied data passed to the "nagvis-master/share/userfiles/gadgets/std_table.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.

References

https://github.com/NagVis/nagvis/issues/91
http://www.securityfocus.com/bid/96537

Configurations

CPE23	Version Start	Version End	Exact Version
cpe:2.3:a:nagvis:nagvis:1.9:b12::::::	n/a	n/a	1.9

External Links

NVD - CVE-2017-6393