Sign in Subscribe

← All advisories

Medium severity6.1NVD Advisory· Published Jul 26, 2017· Updated May 13, 2026

CVE-2017-11629

CVE-2017-11629

Description

dayrui FineCms through 5.0.10 has Cross Site Scripting (XSS) in controllers/api.php via the function parameter in a c=api&m=data2 request.

Affected products

1

Finecms/Finecms
cpe:2.3:a:finecms:finecms:*:*:*:*:*:*:*:*
Range: <=5.0.10

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

lorexxar.cn/2017/07/20/FineCMS%20multi%20vulnerablity%20before%20v5.0.9/nvdExploitThird Party Advisory

News mentions

0

No linked articles in our index yet.