What is the severity of CVE-2017-12460?

The severity of CVE-2017-12460 is medium, with a severity value of 5.4.

How can an authenticated user manage the wallpaper collection in the webUI for the affected Barco ClickShare products?

An authenticated user can manage the wallpaper collection in the webUI for the affected Barco ClickShare products by uploading a wallpaper with a specially crafted name.

What is the impact of CVE-2017-12460?

CVE-2017-12460 allows an authenticated user to upload a specially crafted wallpaper, potentially leading to unauthorized access or privilege escalation.

How can I check if my Barco ClickShare CSM-1 firmware is affected?

You can check if your Barco ClickShare CSM-1 firmware is affected by verifying that the version is earlier than v1.7.0.3.

How can I check if my Barco Clickshare Csc-1 Firmware is affected?

You can check if your Barco Clickshare Csc-1 Firmware is affected by verifying that the version is earlier than v1.10.0.10.

Vulnerability/
CVE-2017-12460

medium

5.4

CWE

30/10/2017

5/8/2024

CVE-2017-12460: XSS

First published: Mon Oct 30 2017(Updated: )

An issue was discovered in Barco ClickShare CSM-1 firmware before v1.7.0.3 and CSC-1 firmware before v1.10.0.10. An authenticated user can manage the wallpaper collection in the webUI to be shown as background on the ClickShare product. By uploading a wallpaper with a specially crafted name, an HTML injection can be triggered as special characters are not neutralized before output.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Barco ClickShare CSM-1 firmware	<1.7.0.3
Barco ClickShare CSM-1
Barco Clickshare Csc-1 Firmware	<1.10.0.10
Barco ClickShare CSC-1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-12460?
The severity of CVE-2017-12460 is medium, with a severity value of 5.4.
How can an authenticated user manage the wallpaper collection in the webUI for the affected Barco ClickShare products?
An authenticated user can manage the wallpaper collection in the webUI for the affected Barco ClickShare products by uploading a wallpaper with a specially crafted name.
What is the impact of CVE-2017-12460?
CVE-2017-12460 allows an authenticated user to upload a specially crafted wallpaper, potentially leading to unauthorized access or privilege escalation.
How can I check if my Barco ClickShare CSM-1 firmware is affected?
You can check if your Barco ClickShare CSM-1 firmware is affected by verifying that the version is earlier than v1.7.0.3.
How can I check if my Barco Clickshare Csc-1 Firmware is affected?
You can check if your Barco Clickshare Csc-1 Firmware is affected by verifying that the version is earlier than v1.10.0.10.

collector/nvd-index
agent/references
agent/severity
agent/author
agent/tags
agent/type
agent/event
agent/weakness
agent/description
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
vendor/barco
canonical/barco clickshare csm-1 firmware
canonical/barco clickshare csm-1
canonical/barco clickshare csc-1 firmware
canonical/barco clickshare csc-1

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.