CVE-2017-8920

CVE-2017-8920

EPSS 0.7%

irc.cgi in CGI:IRC before 0.5.12 reflects user-supplied input from the R parameter without proper output encoding, aka XSS.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://cgiirc.org/https://github.com/dgl/cgiirc/commit/46dd48442204207b52c16065ad67d294194afd8d