trollepierre/tdm before 2017-04-13 is vulnerable to a reflected XSS in tdm-master/webhook.php (challenge parameter).
References
Link | Resource |
---|---|
https://github.com/trollepierre/tdm/commit/2e89019d6a491f0a5ac3db8732181f6eb1d219aa | Patch Third Party Advisory |
https://github.com/trollepierre/tdm/issues/50 | Exploit Third Party Advisory |
Configurations
History
No history.
Information
Published : 2017-04-14 18:59
Updated : 2024-02-28 15:44
NVD link : CVE-2017-7871
Mitre link : CVE-2017-7871
CVE.ORG link : CVE-2017-7871
JSON object : View
Products Affected
tdm_project
- tdm
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')