Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.1
CVSSv3

CVE-2017-7998

Published: 08/01/2018 Updated: 01/02/2018
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 384
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Gespage

Vulnerability Summary

Multiple cross-site scripting (XSS) vulnerabilities in Gespage prior to 7.4.9 allow remote malicious users to inject arbitrary web script or HTML via the (1) printer name when adding a printer in the admin panel or (2) username parameter to webapp/users/user_reg.jsp.

Vulnerable Product Search on Vulmon Subscribe to Product

gespage gespage

Exploits

Exploit DB: Gespage 7.4.8 Cross Site Scripting
Gespage versions 748 and below suffer from a cross site scripting vulnerability ...

References

CWE-79https://sysdream.com/news/lab/2018-01-02-cve-2017-7998-gespage-stored-cross-site-scripting-xss-vulnerability/http://seclists.org/fulldisclosure/2018/Jan/13https://nvd.nist.govhttps://packetstormsecurity.com/files/145734/Gespage-7.4.8-Cross-Site-Scripting.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651CVE-2024-34255elevation of privilegeCVE-2024-25529CVE-2024-4671NULL pointer dereferenceCVE-2024-25527template injectionCVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook