CVE-2017-15881

Published: 2017-10-24T22:29Z

Last Modified: 2024-11-21T03:15Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Cross-Site Scripting vulnerability in KeystoneJS before 4.0.0-beta.7 allows remote authenticated administrators to inject arbitrary web script or HTML via the "content brief" or "content extended" field, a different vulnerability than CVE-2017-15878. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt