ID CVE-2017-16884
Summary Cross-site scripting (XSS) vulnerability in MistServer before 2.13 allows remote attackers to inject arbitrary web script or HTML via vectors related to failed authentication requests alerts.
References
Vulnerable Configurations
CVSS
Base: None
Impact:
Exploitability:
exploit-db via4
description MistServer 2.12 - Cross-Site Scripting. CVE-2017-16884. Webapps exploit for Multiple platform
file exploits/multiple/webapps/43205.txt
id EDB-ID:43205
last seen 2017-12-01
modified 2017-12-01
platform multiple
port
published 2017-12-01
reporter Exploit-DB
source https://www.exploit-db.com/download/43205/
title MistServer 2.12 - Cross-Site Scripting
type webapps
packetstorm via4
data source https://packetstormsecurity.com/files/download/145182/MIST-SERVER-v2.12-UNAUTHENTICATED-PERSISTENT-XSS-CVE-2017-16884.txt
id PACKETSTORM:145182
last seen 2017-12-04
published 2017-12-01
reporter hyp3rlinx
source https://packetstormsecurity.com/files/145182/MistServer-2.12-Cross-Site-Scripting.html
title MistServer 2.12 Cross Site Scripting
refmap via4
confirm https://news.mistserver.org/news/78/Stable+release+2.13+now+available%21
fulldisc 20171201 Mist Server v2.12 Unauthenticated Persistent XSS CVE-2017-16884
misc
Last major update 06-12-2017 - 21:29
Published 06-12-2017 - 21:29
Last modified 06-12-2017 - 21:29
Back to Top