IDCVSSSummaryLast (major) updatePublished
CVE-2017-15717 4.3
A flaw in the way URLs are escaped and encoded in the org.apache.sling.xss.impl.XSSAPIImpl#getValidHref and org.apache.sling.xss.impl.XSSFilterImpl#isValidHref allows special crafted URLs to pass as valid, although they carry XSS payloads. The affect
02-02-2018 - 18:43 10-01-2018 - 14:29
Back to Top Mark selected
Back to Top