CVE-2017-11677
MEDIUMHashtopus 1.5g - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in Hashtopus 1.5g allows remote attackers to inject arbitrary web script or HTML via the query string to admin.php.
Scores
CVSS v3
6.1
EPSS
0.0023
EPSS Percentile
45.9%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (2)
hashtopus_project/hashtopus
n/a/n/a
Published
Jul 27, 2017
Tracked Since
Feb 18, 2026