CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-05-09 23:27:33 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
52f3262c8d52545fc4e20c2a38454fc446c51385
CVEs-PoC/2017/CVE-2017-11507.md
T
0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33
2024-06-09 00:33:16 +00:00

958 B
Raw Blame History

CVE-2017-11507

Description

A cross site scripting (XSS) vulnerability exists in Check_MK versions 1.2.8x prior to 1.2.8p25 and 1.4.0x prior to 1.4.0p9, allowing an unauthenticated attacker to inject arbitrary HTML or JavaScript via the output_format parameter, and the username parameter of failed HTTP basic authentication attempts, which is returned unencoded in an internal server error page.

POC

Reference

Github

No PoCs found on GitHub currently.

Reference in New Issue View Git Blame Copy Permalink