CVE-2017-2118
MEDIUMWBCE CMS <1.1.10 - XSS
Title source: llmDescription
Cross-site scripting vulnerability in WBCE CMS 1.1.10 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Scores
CVSS v3
6.1
EPSS
0.0032
EPSS Percentile
55.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Classification
CWE
CWE-79
Status
published
Affected Products (2)
wbce/wbce_cms
< 1.1.10
WBCE Team/WBCE CMS
< 1.1.10 and earlier
Timeline
Published
Apr 28, 2017
Tracked Since
Feb 18, 2026