CVE-2017-7998
Description
Multiple cross-site scripting (XSS) vulnerabilities in Gespage before 7.4.9 allow remote attackers to inject arbitrary web script or HTML via the (1) printer name when adding a printer in the admin panel or (2) username parameter to webapp/users/user_reg.jsp.
- CVSS Version 3.0
- CVSS Version 2.0
nvd
CVE ID: CVE-2017-7998
Base Score: 6.1
Base Severity: MEDIUM
Vector String:CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvd
CVE ID: CVE-2017-7998
Base Score: 4.3
Base Severity: MEDIUM
Vector String:AV:N/AC:M/Au:N/C:N/I:P/A:N
Proof Of Concept
homjxi0e
Denial of service by Exit in Terminal !!
Refrence: GitHub
Refrence: NVD