First published: Thu May 09 2019(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php in Metinfo 5.3.18 allows remote attackers to inject arbitrary web script or HTML via the (1) class1 parameter or the (2) anyid parameter.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Metinfo Metinfo | =5.3.18 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2017-12788 is medium with a CVSS score of 6.1.
The affected software version for CVE-2017-12788 is Metinfo 5.3.18.
CVE-2017-12788 allows remote attackers to inject arbitrary web script or HTML, posing a risk of cross-site scripting (XSS) attacks.
There are currently no known fixes for CVE-2017-12788. It is recommended to upgrade to a newer version of Metinfo when available.
Yes, you can find additional information about CVE-2017-12788 at the following link: [GitHub - MetInfo5.3](https://github.com/lemon666/vuln/blob/master/MetInfo5.3.md)