Medium severity6.1NVD Advisory· Published Jan 23, 2018· Updated Jun 17, 2026
CVE-2017-15092
CVE-2017-15092
Description
A cross-site scripting issue has been found in the web interface of PowerDNS Recursor from 4.0.0 up to and including 4.0.6, where the qname of DNS queries was displayed without any escaping, allowing a remote attacker to inject HTML and Javascript code into the web interface, altering the content.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: from 4.0.0 up to and including 4.0.6
Patches
Vulnerability mechanics
References
2- doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2017-05.htmlnvdPatchVendor Advisory
- www.securityfocus.com/bid/101982nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.