HomeWebsitebakerCVE-2017-16514

CVE-2017-16514

MEDIUM
6.1CVSS
Published: 2018-01-10
Updated: 2024-11-21
AI Analysis

Description

Multiple persistent stored Cross-Site-Scripting (XSS) vulnerabilities in the files /wb/admin/admintools/tool.php (Droplet Description) and /install/index.php (Site Title) in WebsiteBaker 2.10.0 allow attackers to insert persistent JavaScript code that gets reflected back to users in multiple areas in the application.

CVSS Metrics

Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Attack Vector
network
Complexity
low
Privileges
none
User Action
required
Scope
changed
Confidentiality
low
Integrity
low
Availability
none
Weaknesses
CWE-79

Metadata

Primary Vendor
WEBSITEBAKER
Published
1/10/2018
Last Modified
11/21/2024
Source
NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

websitebaker : websitebaker

AI-Powered Remediation

Generate remediation guidance or a C-suite brief for this vulnerability.

Executive Intelligence Brief

View on NIST NVD
CVE-CVE-2017-16514 | MEDIUM Severity | CVEDatabase.com | CVEDatabase.com