CVE-2017-18024
Expert Analysis
Professional remediation guidance
Get tailored security recommendations from our analyst team for CVE-2017-18024. We'll provide specific mitigation strategies based on your environment and risk profile.
Description
AvantFAX 3.3.3 has XSS via an arbitrary parameter name to the default URI, as demonstrated by a parameter whose name contains a SCRIPT element and whose value is 1.
Available Exploits
AvantFAX 3.3.3 - Cross-Site Scripting
AvantFAX 3.3.3 contains a cross-site scripting vulnerability via an arbitrary parameter name submitted to the default URL, as demonstrated by a parameter whose name contains a SCRIPT element and whose value is 1.
Related News
GitHub Security Advisories
Community-driven vulnerability intelligence from GitHub
Advisory Details
CVSS Scoring
CVSS Score
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
References
Advisory provided by GitHub Security Advisory Database. Published: May 14, 2022, Modified: May 14, 2022