CVE-2017-18228

Remedy Mid Tier in BMC Remedy AR System 9.1 allows XSS via the ATTKey parameter in an arsys/servlet/AttachServlet request.
References
Link Resource
https://communities.bmc.com/thread/164169 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:bmc:remedy_action_request_system:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-03-12 23:29

Updated : 2024-02-04 19:46


NVD link : CVE-2017-18228

Mitre link : CVE-2017-18228

CVE.ORG link : CVE-2017-18228


JSON object : View

Products Affected

bmc

  • remedy_action_request_system
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')