CVE-2017-15885

CWE-79Cross-site Scripting (XSS)3 documents3 sources
Severity
6.1MEDIUM
EPSS
0.2%
top 55.00%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Axis 2100 Network Camera Firmware
Timeline
PublishedOct 25
Latest updateMay 17

Description

Reflected XSS in the web administration portal on the Axis 2100 Network Camera 2.03 allows an attacker to execute arbitrary JavaScript via the conf_Layout_OwnTitle parameter to view/view.shtml. NOTE: this might overlap CVE-2007-5214.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-g24r-xx39-j2xh: Reflected XSS in the web administration portal on the Axis 2100 Network Camera 22022-05-17
CVEList
CVE-2017-15885: Reflected XSS in the web administration portal on the Axis 2100 Network Camera 22017-10-25
CVE-2017-15885 (MEDIUM CVSS 6.1) | Reflected XSS in the web administra | cvebase.io