CVE-2017-7896Cross-site Scripting in Interscan Messaging Security Virtual Appliance

CWE-79Cross-site Scripting3 documents3 sources
Severity
6.1MEDIUMNVD
EPSS
53.3%
top 2.02%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Trendmicro Interscan Messaging Security Virtual Appliance
Timeline
PublishedApr 18
Latest updateMay 17

Description

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 before CP 1644 has XSS.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages1 packages

Patches

Patch: success.trendmicro.comPatch: success.trendmicro.com

🔴Vulnerability Details

2
GHSA
GHSA-38qg-q9cx-jv22: Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 92022-05-17
CVEList
CVE-2017-7896: Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 92017-04-18
CVE-2017-7896 — Cross-site Scripting in Trendmicro | cvebase