ID CVE-2017-18176
Summary Progress Sitefinity 9.1 has XSS via file upload, because JavaScript code in an HTML file has the same origin as the application's own code. This is fixed in 10.1.
References
Vulnerable Configurations
CVSS
Base: None
Impact:
Exploitability:
refmap via4
misc
Last major update 12-02-2018 - 09:29
Published 12-02-2018 - 09:29
Last modified 12-02-2018 - 09:29
Back to Top