A vulnerability classified as problematic was found in Bitrix Site Manager 12.06.2015. Affected by this vulnerability is an unknown functionality of the component Contact Form. The manipulation of the argument text with the input <img src="http://1"; on onerror="$(’p').text(’Hacked’)" /> leads to basic cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2022-06-30T05:05:22

Updated: 2024-08-05T21:45:25.995Z

Reserved: 2022-06-27T00:00:00

Link: CVE-2017-20122

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2022-06-30T05:15:07.067

Modified: 2022-07-09T00:20:57.390

Link: CVE-2017-20122

cve-icon Redhat

No data.