CVE-2017-20182 Vulnerability Details

  /     /     /  

CVE-2017-20182 Metadata Quick Info

CVE Published: 10/03/2023 | CVE Updated: 22/11/2024 | CVE Year: 2017
Source: VulDB | Vendor: Mobile Vikings | Product: Django AJAX Utilities
Status : PUBLISHED

---

CVE-2017-20182 Description

A vulnerability was found in Mobile Vikings Django AJAX Utilities up to 1.2.1 and classified as problematic. This issue affects the function Pagination of the file django_ajax/static/ajax-utilities/js/pagination.js of the component Backslash Handler. The manipulation of the argument url leads to cross site scripting. The attack may be initiated remotely. The patch is named 329eb1dd1580ca1f9d4f95bc69939833226515c9. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-222611.

Metrics

CVSS Version: 3.1 | Base Score: 3.5 LOW
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-79
CWE Name: CWE-79 Cross Site Scripting
Source: Mobile Vikings

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).