Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2017-16635
HistoryNov 06, 2017 - 10:00 p.m.

CVE-2017-16635

2017-11-0622:00:00
mitre
www.cve.org

0.001 Low

EPSS

Percentile

32.2%

JSON

In TinyWebGallery v2.4, an XSS vulnerability is located in the mkname, mkitem, and item parameters of the Add/Create module. Remote attackers with low-privilege user accounts for backend access are able to inject malicious script codes into the TWG Explorer item listing. The request method to inject is POST and the attack vector is located on the application-side of the service. The injection point is the add/create input field and the execution point occurs in the item listing after the add or create.

Related

prion 1
vulnerlab 2
nvd 1
cve 1
prion
prion
Cross site scripting
2017-11-06 22:29:00
vulnerlab
vulnerlab
TinyWebGallery v2.4 (TWGE) - Persistent XSS Vulnerability
2017-11-01 00:00:00
TinyWebGallery v2.4 (TWGE) - Persistent XSS Vulnerability
2017-11-01 00:00:00
nvd
nvd
CVE-2017-16635
2017-11-06 22:29:00
cve
cve
CVE-2017-16635
2017-11-06 22:29:00

0.001 Low

EPSS

Percentile

32.2%

JSON
Related for CVELIST:CVE-2017-16635
prion1vulnerlab2nvd1cve1