1 results (0.010 seconds)
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1
CVE-2017-8892
https://notcve.org/view.php?id=CVE-2017-8892
Cross-site scripting (XSS) vulnerability in OpenText Tempo Box 10.0.3 allows remote attackers to inject arbitrary web script or HTML persistently via the name of an uploaded image. Vulnerabilidad XSS en OpenText Tempo Box 10.0.3 permite a atacantes remotos inyectar secuencias de comandos web o HTML persistentes a través del nombre de una imagen cargada. • https://www.tarlogic.com/blog/vulnerabilidades-en-tempobox • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •