CVE-2017-5515

MEDIUM

Metalgenix Genixcms < 0.0.8 - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in the user prompt function in GeniXCMS through 0.0.8 allows remote authenticated users to inject arbitrary web script or HTML via tag names.

References (2)

Scores

CVSS v3 5.4
EPSS 0.0014
EPSS Percentile 33.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Classification

CWE
CWE-79
Status published

Affected Products (2)

metalgenix/genixcms < 0.0.8
n/a/n/a

Timeline

Published Jan 17, 2017
Tracked Since Feb 18, 2026