CVE-2017-14093: XSS
First published: Fri Dec 15 2017(Updated: )
The Log Query and Quarantine Query pages in Trend Micro ScanMail for Exchange 12.0 are vulnerable to cross site scripting (XSS) attacks.
Credit: security@trendmicro.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Trendmicro Scanmail | =12.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2017-14093.
What software is affected by this vulnerability?
The Log Query and Quarantine Query pages in Trend Micro ScanMail for Exchange 12.0 are affected by this vulnerability.
What is the severity level of CVE-2017-14093?
The severity level of CVE-2017-14093 is medium (6.1).
What is the Common Weakness Enumeration (CWE) ID for this vulnerability?
The Common Weakness Enumeration (CWE) ID for this vulnerability is CWE-79.
How can I fix the cross site scripting (XSS) vulnerability in Trend Micro ScanMail for Exchange 12.0?
To fix the cross site scripting (XSS) vulnerability in Trend Micro ScanMail for Exchange 12.0, it is recommended to apply the security patches released by the vendor. Additionally, the use of a web application firewall (WAF) or security monitoring tools can help mitigate the risk of XSS attacks.
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/event
- agent/remedy
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/trendmicro
- canonical/trendmicro scanmail
- version/trendmicro scanmail/12.0