Feedback.asp in Xiao5uCompany 1.7 has XSS because the XSS protection mechanism in Safe.asp is insufficient (for example, it considers SCRIPT and IMG elements, but does not consider VIDEO elements).
References
Link | Resource |
---|---|
https://github.com/WhiteRabbitc/WhiteRabbitc.github.io/blob/master/2018/Xiao5uCompany_1.7_xss.doc | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-07-23T08:00:00
Updated: 2018-07-23T07:57:01
Reserved: 2018-07-22T00:00:00
Link: CVE-2018-14527
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-07-23T08:29:00.653
Modified: 2018-09-18T18:36:54.007
Link: CVE-2018-14527
JSON object: View
Redhat Information
No data.
CWE