Medium severity6.1NVD Advisory· Published Jul 2, 2017· Updated May 13, 2026
CVE-2017-10795
CVE-2017-10795
Description
Cross-site scripting (XSS) vulnerability in Subrion CMS 4.1.4 allows remote attackers to inject arbitrary web script or HTML via the body to blog/add/, a different vulnerability than CVE-2017-6069.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
intelliants/subrionPackagist | < 4.1.6 | 4.1.6 |
Affected products
1- cpe:2.3:a:intelliants:subrion:4.1.4:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- github.com/intelliants/subrion/issues/467nvdExploitIssue TrackingThird Party AdvisoryWEB
- www.securityfocus.com/bid/99378nvdThird Party AdvisoryVDB EntryWEB
- github.com/advisories/GHSA-2xv7-fwh6-x7fcghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-10795ghsaADVISORY
News mentions
0No linked articles in our index yet.