CVE-2016-1230
MEDIUMNTT PC Communications WebARENA Service <2.2.1 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in NTT PC Communications WebARENA Service formmail before 2.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References (5)
Scores
CVSS v3
6.1
EPSS
0.0036
EPSS Percentile
57.6%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Classification
CWE
CWE-79
Status
draft
Affected Products (1)
ntt/webarena_service_formmail
< 2.2.0
Timeline
Published
Jun 05, 2016
Tracked Since
Feb 18, 2026