CVE-2017-9032
MEDIUMTrend Micro ServerProtect for Linux <3.0 - XSS
Title source: llmDescription
Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro ServerProtect for Linux 3.0 before CP 1531 allow remote attackers to inject arbitrary web script or HTML via the (1) T1 or (2) tmLastConfigFileModifiedDate parameter to log_management.cgi.
References (5)
Scores
CVSS v3
6.1
EPSS
0.0124
EPSS Percentile
79.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (2)
trendmicro/serverprotect
n/a/n/a
Published
May 26, 2017
Tracked Since
Feb 18, 2026