Apache Sling XSS Protection API CVE-2017-15717 Cross Site Scripting Vulnerability
BID:104257
Info
Apache Sling XSS Protection API CVE-2017-15717 Cross Site Scripting Vulnerability
| Bugtraq ID: | 104257 |
| Class: | Input Validation Error |
| CVE: |
CVE-2017-15717 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 10 2018 12:00AM |
| Updated: | Jan 10 2018 12:00AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
Apache Sling XSS Protection API Compat 1.1 Apache Sling XSS Protection API 2.0 Apache Sling XSS Protection API 1.0.18 Apache Sling XSS Protection API 1.0.4 Apache Sling XSS Protection API 1.0.12 |
| Not Vulnerable: |
Apache Sling XSS Protection API 2.0.4 |
Exploit / POC
Apache Sling XSS Protection API CVE-2017-15717 Cross Site Scripting Vulnerability
An attacker can exploit this issue by enticing an unsuspecting user into visiting a specially crafted URL.
An attacker can exploit this issue by enticing an unsuspecting user into visiting a specially crafted URL.