Cross-site scripting (XSS) vulnerability in OpenText Tempo Box 10.0.3 allows remote attackers to inject arbitrary web script or HTML persistently via the name of an uploaded image.
References
Link | Resource |
---|---|
https://www.tarlogic.com/blog/vulnerabilidades-en-tempobox/ | Exploit Third Party Advisory |
Configurations
Information
Published : 2017-05-10 10:29
Updated : 2017-05-17 11:19
NVD link : CVE-2017-8892
Mitre link : CVE-2017-8892
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
opentext
- tempo_box