CVE-2017-8892

Cross-site scripting (XSS) vulnerability in OpenText Tempo Box 10.0.3 allows remote attackers to inject arbitrary web script or HTML persistently via the name of an uploaded image.
References
Link Resource
https://www.tarlogic.com/blog/vulnerabilidades-en-tempobox/ Exploit Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:opentext:tempo_box:10.0.3:*:*:*:*:*:*:*

Information

Published : 2017-05-10 10:29

Updated : 2017-05-17 11:19


NVD link : CVE-2017-8892

Mitre link : CVE-2017-8892


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

opentext

  • tempo_box