HomePentest-Tools.com Logo

FineCMS <=5.0.10 - Cross-Site Scripting CVE-2017-11629

Severity
CVSSv3 Score
6.1
Vulnerability description

FineCMS through 5.0.10 contains a cross-site scripting vulnerability in controllers/api.php via the function parameter in a c=api&m=data2 request.\n

Risk description

No risk description to display.

Recommendation

Upgrade to the latest version of FineCMS (>=5.0.11) which includes a fix for this vulnerability.

Codename
Not available
Detectable with
Network Scanner
Scan engine
Nuclei
Exploitable with Sniper
No
CVE Published
Jul 26, 2017
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available