CVEs-PoC/2017/CVE-2017-18635.md at main

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-04-21 09:56:14 +02:00

Files

T

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

1017 B

Raw Permalink Blame History

CVE-2017-18635

Description

An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name.

POC

Reference

https://github.com/ShielderSec/cve-2017-18635
https://www.shielder.it/blog/exploiting-an-old-novnc-xss-cve-2017-18635-in-openstack/

Github

https://github.com/20142995/sectool
https://github.com/ARPSyndicate/cvemon
https://github.com/ShielderSec/CVE-2017-18635
https://github.com/ShielderSec/poc
https://github.com/alphaSeclab/sec-daily-2019
https://github.com/ossf-cve-benchmark/CVE-2017-18635

1017 B Raw Permalink Blame History

CVE-2017-18635

Description

POC

Reference

Github

1017 B

Raw Permalink Blame History