Civic Platform Citizen Access

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2016-5661	Accela Civic Platform Citizen Access	Hig	0.58	8.8	0.06		Jul 15, 2016	Accela Civic Platform Citizen Access portal relies on the client to restrict file types for uploads, which allows remote authenticated users to execute arbitrary code via modified _EventArgument and filename parameters.
CVE-2016-5660	Accela Civic Platform Citizen Access	Med	0.40	6.1	0.03		Jul 15, 2016	Cross-site scripting (XSS) vulnerability in AttachmentsList.aspx in Accela Civic Platform Citizen Access portal allows remote attackers to inject arbitrary web script or HTML via the iframeid parameter.

CVE-2016-5661HigJul 15, 2016
Accela
Civic Platform Citizen Access
risk 0.58cvss 8.8epss 0.06
Accela Civic Platform Citizen Access portal relies on the client to restrict file types for uploads, which allows remote authenticated users to execute arbitrary code via modified _EventArgument and filename parameters.
CVE-2016-5660MedJul 15, 2016
Accela
Civic Platform Citizen Access
risk 0.40cvss 6.1epss 0.03
Cross-site scripting (XSS) vulnerability in AttachmentsList.aspx in Accela Civic Platform Citizen Access portal allows remote attackers to inject arbitrary web script or HTML via the iframeid parameter.