GeniXCMS XSS Vulnerability

2022-05-1700:11:38

Google

osv.dev

genixcms

cross-site scripting

vulnerability

parameters

EPSS

0.001

Percentile

38.5%

JSON

GeniXCMS 1.1.5 has XSS via the from, id, lang, menuid, mod, q, status, term, to, or token parameter. NOTE: this might overlap CVE-2017-14761, CVE-2017-14762, or CVE-2017-14765.

References

code610.blogspot.com/2017/12/modus-operandi-genixcms-115.html

github.com/semplon/GeniXCMS

nvd.nist.gov/vuln/detail/CVE-2017-17431

EPSS

0.001

Percentile

38.5%

JSON

Related for OSV:GHSA-PWR7-J6G3-HMX6