3.5
CVSSv2

CVE-2018-9036

Published: 20/06/2018 Updated: 10/08/2018
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 4.8 | Impact Score: 2.7 | Exploitability Score: 1.7
VMScore: 312
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

Vulnerability Summary

CheckSec Canopy 3.x prior to 3.0.7 has stored XSS via the Login Page Disclaimer, allowing attacks by low-privileged users against higher-privileged users.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

checksec canopy

Mailing Lists

Hi List, [Title] XSS in Canopy login page ------------------------------------------ [Description] CheckSec Canopy 3x before 307 has stored XSS via the Login Page Disclaimer, allowing attacks by low-privileged users against higher-privileged usersThis instance of stored cross-site scripting (XSS) vulnerability could allow any users wit ...
[Title] XSS in Canopy login page ------------------------------------------ [Description] CheckSec Canopy 3x before 307 has stored XSS via the Login Page Disclaimer, allowing attacks by low-privileged users against higher-privileged usersThis instance of stored cross-site scripting (XSS) vulnerability could allow any users with administr ...