CVE-2017-8892

Cross-site scripting (XSS) vulnerability in OpenText Tempo Box 10.0.3 allows remote attackers to inject arbitrary web script or HTML persistently via the name of an uploaded image.
References
Link Resource
https://www.tarlogic.com/blog/vulnerabilidades-en-tempobox/ Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:opentext:tempo_box:10.0.3:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-05-10 17:29

Updated : 2024-02-04 19:11


NVD link : CVE-2017-8892

Mitre link : CVE-2017-8892

CVE.ORG link : CVE-2017-8892


JSON object : View

Products Affected

opentext

  • tempo_box
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')