← Back to CVE List

CVE-2017-7188

Published: 2017-04-14T18:59Z
Last Modified: 2024-11-21T03:31Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
Zurmo 3.1.1 Stable allows a Cross-Site Scripting (XSS) attack with a base64-encoded SCRIPT element within a data: URL in the returnUrl parameter to default/toggleCollapse. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt