updated description

2025-08-04 08:44:25 +00:00 · 2018-01-09 12:23:21 -07:00 · 2018-01-09 12:23:21 -07:00 · c6e3680d2d
commit c6e3680d2d
parent 642f4e1f41
1 changed files with 1 additions and 1 deletions
--- a/2017/1000xxx/CVE-2017-1000428.json
+++ b/2017/1000xxx/CVE-2017-1000428.json
@ -1 +1 @@
-{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/flatCore/flatCore-CMS/issues/35"}]},"description": {"description_data": [{"lang": "eng","value": "flatCore-CMS 1.4.6 is vulnerable to reflected XSS in user_management.php and admin log panel by."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "1.4.6"}]},"product_name": "flatCore-CMS"}]},"vendor_name": "flatCore-CMS"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2017-12-29","ID": "CVE-2017-1000428","ASSIGNER": "kurt@seifried.org","REQUESTER": "sebastian.feldmann.hb@web.de"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "CWE-79"}]}]}}
+{"data_version":"4.0","references":{"reference_data":[{"url":"https://github.com/flatCore/flatCore-CMS/issues/35"}]},"description":{"description_data":[{"lang":"eng","value":"flatCore-CMS 1.4.6 is vulnerable to reflected XSS in user_management.php due to the use of $_SERVER['PHP_SELF'] to build links and a stored XSS in the admin log panel by specifying a malformed User-Agent string."}]},"data_type":"CVE","affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"version":{"version_data":[{"version_value":"1.4.6"}]},"product_name":"flatCore-CMS"}]},"vendor_name":"flatCore-CMS"}]}},"CVE_data_meta":{"DATE_ASSIGNED":"2017-12-29","ID":"CVE-2017-1000428","ASSIGNER":"kurt@seifried.org","REQUESTER":"sebastian.feldmann.hb@web.de"},"data_format":"MITRE","problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-79"}]}]}}