← back
CVE-2017-14096

CVE-2017-14096

EPSS 3.1%
A stored cross site scripting (XSS) vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to execute a malicious payload on vulnerable systems.
Affected products
Trend Micro · Trend Micro Smart Protection Server (Standalone)
public PoCs found2
cve_referencewww.exploit-db.com/exploits/43388/unverifiedexploitdbwww.exploit-db.com/exploits/43388unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://success.trendmicro.com/solution/1118992https://www.coresecurity.com/advisories/trend-micro-smart-protection-server-multiple-vulnerabilitieshttps://www.exploit-db.com/exploits/43388/http://www.securityfocus.com/bid/102275