Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 08/09/2017 Updated: 14/09/2017

CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8

CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3

VMScore: 312

Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

Wolf CMS 0.8.3.1 allows Cross-Site Scripting (XSS) attacks. The vulnerability exists due to insufficient sanitization of the file name in a "create-file-popup" action, and the directory name in a "create-directory-popup" action, in the HTTP POST method to the "/plugin/file_manager/" script (aka an /admin/plugin/file_manager/browse// URI).

Vulnerable Product	Search on Vulmon	Subscribe to Product
wolfcms wolf cms 0.8.3.1

WolfCMS-v0.8.3.1 Cross Site Scripting(XSS) Assigned CVE Number: CVE-2017-11611

Wolfcms-v0831-xss-POC-by-Provensec-llc WolfCMS-v0831 Cross Site Scripting(XSS) Assigned CVE Number: CVE-2017-11611

CWE-79 https://github.com/faizzaidi/Wolfcms-v0.8.3.1-xss-POC-by-Provensec-llc https://nvd.nist.gov https://github.com/faizzaidi/Wolfcms-v0.8.3.1-xss-POC-by-Provensec-llc

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-11611

Vulnerability Summary

Github Repositories

References

Vulmon Search

About

Products

Connect