Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2017-8384

Disclosure Date: May 01, 2017 (last updated November 26, 2024)
Craft CMS before 2.6.2976 allows XSS attacks because an array returned by HttpRequestService::getSegments() and getActionSegments() need not be zero-based. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-8052.
0
0
Attacker Value
Unknown

CVE-2017-8052

Disclosure Date: April 22, 2017 (last updated November 26, 2024)
Craft CMS before 2.6.2974 allows XSS attacks.
0
0