Security Advisory

CVE-2017-7390

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-04-01 01:07:00

Last updated 2024-08-05 16:04:10

Assigner mitre

State PUBLISHED

Description

A Cross-Site Scripting (XSS) was discovered in SocialNetwork v1.2.1. The vulnerability exists due to insufficient filtration of user-supplied data (mail) passed to the SocialNetwork-andrea/app/template/pw_forgot.php URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.

← Browse all CVEs View on cve.org ↗