CVE-2017-14093

CWE-79Cross-site Scripting (XSS)3 documents3 sources
Severity
6.1MEDIUM
EPSS
0.4%
top 42.15%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Trend Micro Trend Micro Scanmail FOR ExchangeTrendmicro Scanmail
Timeline
PublishedDec 16
Latest updateMay 14

Description

The Log Query and Quarantine Query pages in Trend Micro ScanMail for Exchange 12.0 are vulnerable to cross site scripting (XSS) attacks.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages2 packages

Patches

Patch: success.trendmicro.comPatch: success.trendmicro.com

🔴Vulnerability Details

2
GHSA
GHSA-hj8m-hjqm-jfvq: The Log Query and Quarantine Query pages in Trend Micro ScanMail for Exchange 122022-05-14
CVEList
CVE-2017-14093: The Log Query and Quarantine Query pages in Trend Micro ScanMail for Exchange 122017-12-15
CVE-2017-14093 (MEDIUM CVSS 6.1) | The Log Query and Quarantine Query | cvebase.io