CVE-2015-5612

Cross-site scripting (XSS) vulnerability in October CMS build 271 and earlier allows remote attackers to inject arbitrary web script or HTML via the caption tag of a profile image.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:octobercms:october:-:*:*:*:*:*:*:*

Information

Published : 2015-09-04 08:59

Updated : 2015-09-04 10:47


NVD link : CVE-2015-5612

Mitre link : CVE-2015-5612


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

octobercms

  • october