Cross-site scripting (XSS) vulnerability in the Trello app before 4.0.8 for iOS might allow remote attackers to inject arbitrary web script or HTML by uploading and attaching a crafted photo to a Card.
References
Link | Resource |
---|---|
https://hackerone.com/reports/227853 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2017-08-02T19:00:00
Updated: 2017-08-02T18:57:01
Reserved: 2017-05-28T00:00:00
Link: CVE-2017-9244
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-08-02T19:29:00.977
Modified: 2017-08-07T22:12:14.947
Link: CVE-2017-9244
JSON object: View
Redhat Information
No data.
CWE