CVE-2017-6541

Multiple Cross-Site Scripting (XSS) issues were discovered in webpagetest 3.0. The vulnerabilities exist due to insufficient filtration of user-supplied data (benchmark, time) passed to the webpagetest-master/www/benchmarks/viewtest.php URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
Configurations

Configuration 1 (hide)

cpe:2.3:a:webpagetest_project:webpagetest:3.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-03-08 08:59

Updated : 2024-02-04 19:11


NVD link : CVE-2017-6541

Mitre link : CVE-2017-6541

CVE.ORG link : CVE-2017-6541


JSON object : View

Products Affected

webpagetest_project

  • webpagetest
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')