Sign in Subscribe

← All advisories

Medium severity6.1NVD Advisory· Published Jul 24, 2017· Updated May 13, 2026

CVE-2017-11581

CVE-2017-11581

Description

dayrui FineCms 5.0.9 has Cross Site Scripting (XSS) in admin/Login.php via a payload in the username field that does not begin with a '<' character.

Affected products

1

Finecms/Finecms
cpe:2.3:a:finecms:finecms:5.0.9:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

lorexxar.cn/2017/07/20/FineCMS%20multi%20vulnerablity%20before%20v5.0.9/nvdExploitThird Party Advisory

News mentions

0

No linked articles in our index yet.