Search criteria
2 vulnerabilities found for minichan by minichan
CVE-2017-20167 (GCVE-0-2017-20167)
Vulnerability from nvd – Published: 2023-01-14 19:47 – Updated: 2024-08-05 21:45
VLAI
Title
Minichan reports.php cross site scripting
Summary
A vulnerability, which was classified as problematic, was found in Minichan. This affects an unknown part of the file reports.php. The manipulation of the argument headline leads to cross site scripting. It is possible to initiate the attack remotely. The identifier of the patch is fc0e732e58630cba318d6bf49d1388a7aa9d390e. It is recommended to apply a patch to fix this issue. The identifier VDB-217785 was assigned to this vulnerability.
Severity
CWE
- CWE-79 - Cross Site Scripting
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.217785 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.217785 | signaturepermissions-required |
| https://github.com/Minichan/Minichan/pull/54 | issue-tracking |
| https://github.com/Minichan/Minichan/commit/fc0e7… | patch |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:45:26.052Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.217785"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.217785"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/Minichan/Minichan/pull/54"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/Minichan/Minichan/commit/fc0e732e58630cba318d6bf49d1388a7aa9d390e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Minichan",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "tool",
"value": "VulDB GitHub Commit Analyzer"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in Minichan. This affects an unknown part of the file reports.php. The manipulation of the argument headline leads to cross site scripting. It is possible to initiate the attack remotely. The identifier of the patch is fc0e732e58630cba318d6bf49d1388a7aa9d390e. It is recommended to apply a patch to fix this issue. The identifier VDB-217785 was assigned to this vulnerability."
},
{
"lang": "de",
"value": "Es wurde eine problematische Schwachstelle in Minichan gefunden. Es betrifft eine unbekannte Funktion der Datei reports.php. Durch das Manipulieren des Arguments headline mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Patch wird als fc0e732e58630cba318d6bf49d1388a7aa9d390e bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-20T11:47:15.831Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.217785"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.217785"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/Minichan/Minichan/pull/54"
},
{
"tags": [
"patch"
],
"url": "https://github.com/Minichan/Minichan/commit/fc0e732e58630cba318d6bf49d1388a7aa9d390e"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-01-10T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-01-10T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-01-10T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-01-31T08:36:16.000Z",
"value": "VulDB entry last update"
}
],
"title": "Minichan reports.php cross site scripting"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2017-20167",
"datePublished": "2023-01-14T19:47:46.417Z",
"dateReserved": "2023-01-10T13:54:02.041Z",
"dateUpdated": "2024-08-05T21:45:26.052Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-20167 (GCVE-0-2017-20167)
Vulnerability from cvelistv5 – Published: 2023-01-14 19:47 – Updated: 2024-08-05 21:45
VLAI
Title
Minichan reports.php cross site scripting
Summary
A vulnerability, which was classified as problematic, was found in Minichan. This affects an unknown part of the file reports.php. The manipulation of the argument headline leads to cross site scripting. It is possible to initiate the attack remotely. The identifier of the patch is fc0e732e58630cba318d6bf49d1388a7aa9d390e. It is recommended to apply a patch to fix this issue. The identifier VDB-217785 was assigned to this vulnerability.
Severity
CWE
- CWE-79 - Cross Site Scripting
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.217785 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.217785 | signaturepermissions-required |
| https://github.com/Minichan/Minichan/pull/54 | issue-tracking |
| https://github.com/Minichan/Minichan/commit/fc0e7… | patch |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:45:26.052Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://vuldb.com/?id.217785"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.217785"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/Minichan/Minichan/pull/54"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/Minichan/Minichan/commit/fc0e732e58630cba318d6bf49d1388a7aa9d390e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Minichan",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "tool",
"value": "VulDB GitHub Commit Analyzer"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in Minichan. This affects an unknown part of the file reports.php. The manipulation of the argument headline leads to cross site scripting. It is possible to initiate the attack remotely. The identifier of the patch is fc0e732e58630cba318d6bf49d1388a7aa9d390e. It is recommended to apply a patch to fix this issue. The identifier VDB-217785 was assigned to this vulnerability."
},
{
"lang": "de",
"value": "Es wurde eine problematische Schwachstelle in Minichan gefunden. Es betrifft eine unbekannte Funktion der Datei reports.php. Durch das Manipulieren des Arguments headline mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Patch wird als fc0e732e58630cba318d6bf49d1388a7aa9d390e bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-20T11:47:15.831Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.217785"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.217785"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/Minichan/Minichan/pull/54"
},
{
"tags": [
"patch"
],
"url": "https://github.com/Minichan/Minichan/commit/fc0e732e58630cba318d6bf49d1388a7aa9d390e"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-01-10T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2023-01-10T00:00:00.000Z",
"value": "CVE reserved"
},
{
"lang": "en",
"time": "2023-01-10T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2023-01-31T08:36:16.000Z",
"value": "VulDB entry last update"
}
],
"title": "Minichan reports.php cross site scripting"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2017-20167",
"datePublished": "2023-01-14T19:47:46.417Z",
"dateReserved": "2023-01-10T13:54:02.041Z",
"dateUpdated": "2024-08-05T21:45:26.052Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}