CVE-2017-6446

NONE EPSS 47.5%
Published Mar 5, 20179y ago ยท Modified Jun 17, 20262w ago
Find Similar
Published Mar 5, 2017 9y ago
Last Modified Jun 17, 2026 2w ago

Description

XSS was discovered in Dotclear v2.11.2, affecting admin/blogs.php and admin/users.php with the sortby and order parameters.

Threat Intelligence

EPSS Exploit Probability
47.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-79 Cross-site Scripting Injection

Affected Products 1

VendorProductVersionRange
dotcleardotclear2.11.2any

References 2

Remediation

  • dev.dotclear.org https://dev.dotclear.org/2.0/changeset/1e44804e7c85b45f42245111c8c0de100a2ff6e3
    Patch