← Retour aux CVEs
CVE-2016-4807
N/ADescription
Web2py versions 2.14.5 and below was affected by Reflected XSS vulnerability, which allows an attacker to perform an XSS attack on logged in user (admin).
Details CVE
Score CVSS v3.1N/A
Publie1/11/2017
Derniere modification4/20/2025
Sourcenvd
Observations honeypot0
Produits affectes
web2py:web2py
Faiblesses (CWE)
CWE-79
References
http://packetstormsecurity.com/files/137070/Web2py-2.14.5-CSRF-XSS-Local-File-Inclusion.html(cve@mitre.org)
https://www.exploit-db.com/exploits/39821/(cve@mitre.org)
http://packetstormsecurity.com/files/137070/Web2py-2.14.5-CSRF-XSS-Local-File-Inclusion.html(af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/39821/(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.