Medium severity6.1NVD Advisory· Published Jul 17, 2017· Updated May 13, 2026

CVE-2017-1000065

Description

Multiple Cross-site scripting (XSS) vulnerabilities in rpc.php in OpenMediaVault release 2.1 in Access Rights Management(Users) functionality allows attackers to inject arbitrary web scripts and execute malicious scripts within an authenticated client's browser.

Affected products

Openmediavault/Openmediavault
cpe:2.3:a:openmediavault:openmediavault:2.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/openmediavault/openmediavault/commit/b2db1e24d0e52b961b5c3b3329b6ee717cac53a2nvdPatchThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.397
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000