VYPR
Medium severity6.1NVD Advisory· Published Mar 9, 2018· Updated Jun 17, 2026

CVE-2018-7997

CVE-2018-7997

Description

Eramba e1.0.6.033 has Reflected XSS on the Error page of the CSV file inclusion tab of the /importTool/preview URI, with a CSV file polluted with malicious JavaScript.

Affected products

2
  • Eramba/Erambainferred2 versions
    = 1.0.6.033+ 1 more
    • (no CPE)range: = 1.0.6.033
    • (no CPE)range: = e1.0.6.033

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.