Multiple Persistent Stored Cross-Site Scripting (XSS) Vulnerabilities in WebsiteBaker 2.10.0

Multiple Persistent Stored Cross-Site Scripting (XSS) Vulnerabilities in WebsiteBaker 2.10.0

CVE-2017-16514 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Multiple persistent stored Cross-Site-Scripting (XSS) vulnerabilities in the files /wb/admin/admintools/tool.php (Droplet Description) and /install/index.php (Site Title) in WebsiteBaker 2.10.0 allow attackers to insert persistent JavaScript code that gets reflected back to users in multiple areas in the application.

Learn more about our Web App Pen Testing.