CVE-2017-6446

CVE-2017-6446

EPSS 0.7%

XSS was discovered in Dotclear v2.11.2, affecting admin/blogs.php and admin/users.php with the sortby and order parameters.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://dev.dotclear.org/2.0/changeset/1e44804e7c85b45f42245111c8c0de100a2ff6e3 http://www.securityfocus.com/bid/96575