Lucene search
Veracode Vulnerability DatabaseVERACODE:21693HistoryOct 14, 2019 - 5:40 a.m.
Cross-Site Scripting (XSS)
2019-10-1405:40:09
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.01 Low
EPSS
Percentile
83.9%
hotarucms/hotarucms is vulnerable to cross-site scripting (XSS). A remote attacker is able to inject arbitrary Javascript into a victim’s browser by storing malicious Javascript code in the site_name parameter. This CVE ID is related to CVE-2011-4709.
| CPE | Name | Operator | Version |
|---|---|---|---|
| hotarucms/hotarucms | le | 1.7.2 |
Related
osv
osv
CVE-2019-17522
2019-10-12 18:15:16
cve
cve
CVE-2019-17522
2019-10-12 18:15:16
CVE-2011-4709
2011-12-08 19:55:05
prion
prion
Cross site scripting
2019-10-12 18:15:00
Cross site scripting
2011-12-08 19:55:00
cvelist
cvelist
CVE-2019-17522
2019-10-12 17:44:10
CVE-2011-4709
2011-12-08 19:00:00
nvd
nvd
CVE-2019-17522
2019-10-12 18:15:16
CVE-2011-4709
2011-12-08 19:55:05
zeroscience
zeroscience
Hotaru CMS 1.4.2 SITE_NAME Parameter Stored XSS Vulnerability
2011-11-13 00:00:00