Miggo Logo

CVE-2017-9802: Improper Neutralization of Input During Web Page Generation Apache Sling Servlets Post

6.1

CVSS Score
3.0

Basic Information

EPSS Score
0.69286%
Published
5/14/2022
Updated
1/27/2023
KEV Status
No
Technology
TechnologyJava

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
org.apache.sling:org.apache.sling.servlets.postmaven< 2.3.222.3.22

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis:
In progress

WAF Protection Rules

WAF Rule

T** J*v*s*ript m*t*o* Slin*.*v*lStrin*() in *p**** Slin* S*rvl*ts Post ***or* *.*.** us*s t** j*v*s*ript '*v*l' *un*tion to p*rs* input strin*s, w*i** *llows *or XSS *tt**ks *y p*ssin* sp**i*lly *r**t** input strin*s.

Reasoning

No *n*lysis *v*il**l*