Filtered by vendor Phalconeye Project Subscriptions
Filtered by product Phalconeye Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2017-5960 1 Phalconeye Project 1 Phalconeye 2024-08-05 N/A
An issue was discovered in Phalcon Eye through 0.4.1. The vulnerability exists due to insufficient filtration of user-supplied data in multiple HTTP GET parameters passed to the "phalconeye-master/public/external/pydio/plugins/editor.webodf/frame.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.