CVE-2017-8384
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2017-8384
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-8384.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2017-8384
- Aliases
- Published
- 2017-05-01T06:59:00Z
- Modified
- 2024-09-03T02:00:46.396484Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Craft CMS before 2.6.2976 allows XSS attacks because an array returned by HttpRequestService::getSegments() and getActionSegments() need not be zero-based. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-8052.
- References
Affected packages
Git / github.com/craftcms/cms
Affected ranges
- Type
- GIT
- Repo
- https://github.com/craftcms/cms
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
0.*
0.9.0-alpha.2229
0.9.0-alpha.2231
0.9.0-alpha.2232
0.9.2063
0.9.2064
0.9.2065
0.9.2068
0.9.2071
0.9.2078
0.9.2079
0.9.2080
0.9.2081
0.9.2083
0.9.2084
0.9.2090
0.9.2092
0.9.2094
0.9.2100
0.9.2101
0.9.2102
0.9.2103
0.9.2104
0.9.2106
0.9.2112
0.9.2114
0.9.2115
0.9.2116
0.9.2117
0.9.2123
0.9.2124
0.9.2127
0.9.2131
0.9.2133
0.9.2135
0.9.2136
0.9.2137
0.9.2146
0.9.2151
0.9.2157
0.9.2163
0.9.2164
0.9.2165
0.9.2167
0.9.2168
0.9.2177
0.9.2181
0.9.2184
0.9.2189
0.9.2193
0.9.2194
0.9.2199
0.9.2200
0.9.2201
0.9.2202
0.9.2204
0.9.2205
0.9.2211
0.9.2213
0.9.2214
0.9.2216
0.9.2218
0.9.2219
0.9.2222
0.9.2235
0.9.2240
0.9.2243
0.9.2246
0.9.2260
0.9.2262
1.*
1.0.0-alpha.2233
1.0.0-alpha.2234
1.0.0-alpha.2236
1.0.0-alpha.2237
1.0.0-alpha.2238
1.0.0-alpha.2241
1.0.0-alpha.2242
1.0.0-alpha.2244
1.0.0-alpha.2245
1.0.0-alpha.2247
1.0.0-alpha.2248
1.0.0-alpha.2249
1.0.2266
1.0.2267
1.0.2270
1.0.2273
1.0.2274
1.0.2275
1.0.2277
1.0.2278
1.0.2280
1.1.0-alpha.2282
1.1.0-alpha.2283
1.1.0-alpha.2284
1.1.0-alpha.2285
1.1.0-alpha.2288
1.1.2291
1.1.2293
1.1.2298
1.1.2300
1.1.2302
1.1.2304
1.1.2305
1.1.2313
1.1.2314
1.1.2321
1.2.0-alpha.2310
1.2.0-alpha.2312
1.2.0-alpha.2316
1.2.0-alpha.2318
1.2.0-alpha.2319
1.2.0-alpha.2322
1.2.0-alpha.2323
1.2.0-alpha.2324
1.2.0-alpha.2328
1.2.0-alpha.2329
1.2.0-alpha.2332
1.2.2333
1.2.2335
1.2.2336
1.2.2337
1.2.2339
1.2.2358
1.2.2363
1.2.2367
1.2.2371
1.2.2375
1.2.2387
1.2.2392
1.2.2396
1.2.2399
1.3.0-alpha.2361
1.3.0-alpha.2366
1.3.0-alpha.2372
1.3.0-alpha.2374
1.3.0-alpha.2377
1.3.0-alpha.2378
1.3.0-alpha.2380
1.3.0-alpha.2388
1.3.0-alpha.2394
1.3.0-alpha.2397
1.3.0-alpha.2401
1.3.0-alpha.2402
1.3.0-alpha.2405
1.3.0-alpha.2464
1.3.2409
1.3.2410
1.3.2415
1.3.2416
1.3.2418
1.3.2419
1.3.2420
1.3.2422
1.3.2456
1.3.2459
1.3.2461
1.3.2462
1.3.2465
1.3.2473
1.3.2485
1.3.2486
1.3.2487
1.3.2494
1.3.2496
1.3.2507
1.4.0-alpha.2469
1.4.0-alpha.2470
1.4.0-alpha.2471
1.4.0-alpha.2476
1.4.0-alpha.2478
1.4.0-alpha.2479
1.4.0-alpha.2482
1.4.0-alpha.2484
1.4.0-alpha.2488
1.4.0-alpha.2489
1.4.0-alpha.2490
1.4.0-alpha.2491
1.4.0-alpha.2492
1.4.0-alpha.2493
1.4.0-alpha.2495
1.4.0-alpha.2497
1.4.0-alpha.2498
1.4.0-alpha.2499
1.4.0-alpha.2500
1.4.0-alpha.2502
1.4.0-alpha.2503
1.4.0-alpha.2505
1.4.0-alpha.2506
1.4.0-alpha.2509
1.4.0-alpha.2512
1.4.0-alpha.2513
1.4.0-alpha.2519
1.4.0-alpha.2521
2.*
2.0.2524
2.0.2525
2.0.2527
2.0.2528
2.0.2532
2.0.2533
2.0.2535
2.0.2536
2.0.2537
2.0.2538
2.0.2539
2.0.2540
2.0.2541
2.0.2542
2.0.2543
2.0.2548
2.0.2549
2.0.2551
2.1.0-alpha.2546
2.1.0-alpha.2547
2.1.0-alpha.2552
2.1.2554
2.1.2555
2.1.2556
2.1.2557
2.1.2559
2.1.2561
2.1.2562
2.1.2563
2.1.2564
2.1.2566
2.1.2568
2.1.2569
2.1.2570
2.2.0-alpha.2572
2.2.0-alpha.2575
2.2.0-alpha.2578
2.2.2579
2.2.2581
2.2.2582
2.2.2586
2.2.2587
2.2.2588
2.2.2589
2.2.2590
2.2.2591
2.2.2592
2.2.2593
2.2.2596
2.2.2598
2.2.2601
2.2.2604
2.2.2607
2.3.0-alpha.2600
2.3.0-alpha.2602
2.3.0-alpha.2603
2.3.0-alpha.2605
2.3.0-alpha.2606
2.3.0-alpha.2608
2.3.0-alpha.2610
2.3.0-alpha.2612
2.3.0-alpha.2645
2.3.2615
2.3.2616
2.3.2617
2.3.2618
2.3.2620
2.3.2621
2.3.2623
2.3.2624
2.3.2625
2.3.2626
2.3.2627
2.3.2629
2.3.2632
2.3.2635
2.3.2636
2.3.2639
2.3.2640
2.3.2641
2.3.2642
2.3.2643
2.3.2644
2.4.2664
2.4.2666
2.4.2667
2.4.2668
2.4.2669
2.4.2670
2.4.2675
2.4.2677
2.4.2679
2.4.2682
2.4.2684
2.4.2688
2.4.2691
2.4.2692
2.4.2693
2.4.2695
2.4.2696
2.4.2697
2.4.2698
2.4.2699
2.4.2700
2.4.2701
2.4.2702
2.4.2723
2.4.2725
2.4.2726
2.5.0-beta.2713
2.5.0-beta.2715
2.5.0-beta.2716
2.5.0-beta.2717
2.5.0-beta.2720
2.5.0-beta.2722
2.5.0-beta.2724
2.5.0-beta.2727
2.5.0-beta.2740
2.5.2750
2.5.2752
2.5.2753
2.5.2754
2.5.2755
2.5.2757
2.5.2759
2.5.2760
2.5.2761
2.5.2762
2.5.2763
2.5.2765
2.5.2767
2.6.2771
2.6.2773
2.6.2774
2.6.2776
2.6.2778
2.6.2779
2.6.2780
2.6.2781
2.6.2783
2.6.2784
2.6.2785
2.6.2788
2.6.2789
2.6.2791
2.6.2793
2.6.2794
2.6.2795
2.6.2796
2.6.2797
2.6.2798
2.6.2804
2.6.2903
2.6.2911
2.6.2916
2.6.2922
2.6.2923
2.6.2929
2.6.2930
2.6.2931
2.6.2940
2.6.2944
2.6.2945
2.6.2949
2.6.2950
2.6.2951
2.6.2952
2.6.2953
2.6.2954
2.6.2955
2.6.2956
2.6.2957
2.6.2958
2.6.2959
2.6.2960
2.6.2961
2.6.2962
2.6.2963
2.6.2964
2.6.2965
2.6.2966
2.6.2967
2.6.2968
2.6.2969
2.6.2970
2.6.2971
2.6.2972
2.6.2973
2.6.2974