Medium severity6.1NVD Advisory· Published Mar 5, 2017· Updated May 13, 2026
CVE-2017-6478
CVE-2017-6478
Description
paintballrefjosh/MaNGOSWebV4 before 4.0.8 is vulnerable to a reflected XSS in install/index.php (step parameter).
Affected products
1- cpe:2.3:a:mangoswebv4_project:mangoswebv4:*:*:*:*:*:*:*:*Range: <4.0.8
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- github.com/paintballrefjosh/MaNGOSWebV4/releases/tag/4.0.8nvdPatchRelease NotesVendor Advisory
- github.com/paintballrefjosh/MaNGOSWebV4/issues/15nvdExploitPatchVendor Advisory
- www.securityfocus.com/bid/96584nvdThird Party AdvisoryVDB Entry
- github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2017-6478.mdnvd
News mentions
0No linked articles in our index yet.