CVE-2017-6446
NONE EPSS 47.5%
Published Mar 5, 20179y ago ยท Modified Jun 17, 20262w ago
Published Mar 5, 2017 9y ago
Last Modified Jun 17, 2026 2w ago
Description
XSS was discovered in Dotclear v2.11.2, affecting admin/blogs.php and admin/users.php with the sortby and order parameters.
Threat Intelligence
EPSS Exploit Probability
47.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-79 Cross-site Scripting Injection
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| dotclear | dotclear | 2.11.2 | any |
References 2
- securityfocus.com http://www.securityfocus.com/bid/96575
- dev.dotclear.org https://dev.dotclear.org/2.0/changeset/1e44804e7c85b45f42245111c8c0de100a2ff6e3
Remediation
- dev.dotclear.org https://dev.dotclear.org/2.0/changeset/1e44804e7c85b45f42245111c8c0de100a2ff6e3