CVE-2017-14231: Improper Input Validation
GeniXCMS allows remote attackers to cause a denial of service (account blockage) by leveraging the mishandling of certain username substring relationships, such as the admin<script> username versus the admin username, related to register.php, User.class.php, and Type.class.php.