Vulnerability CVE-2015-0917

Vulnerability CVE-2015-0917

Published: 2015-01-08

Description:

Type:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.3/10	2.9/10	8.6/10

Affected software
Kajona -> Kajona

https://www.kajona.de/de/News/newsdetails.Security-update-to-module-system.newsDetail.22ac42054aa88a07826c.html

https://github.com/kajona/kajonacms/commit/563d39c327606232e480602f7b36ea6cb31bc6f7

http://sroesemann.blogspot.de/2015/01/report-for-advisory-sroeadv-2015-01.html

http://seclists.org/fulldisclosure/2015/Jan/11

http://packetstormsecurity.com/files/129826/Kajona-CMS-4.6-Cross-Site-Scripting.html