A vulnerability classified as problematic was found in Bitrix Site Manager 12.06.2015. Affected by this vulnerability is an unknown functionality of the component Contact Form. The manipulation of the argument text with the input <img src="http://1"; on onerror="$(’p').text(’Hacked’)" /> leads to basic cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: VulDB
Published: 2022-06-30T05:05:22
Updated: 2024-08-05T21:45:25.995Z
Reserved: 2022-06-27T00:00:00
Link: CVE-2017-20122
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-06-30T05:15:07.067
Modified: 2022-07-09T00:20:57.390
Link: CVE-2017-20122
Redhat
No data.