CVE-2017-14313 - CVE Vulnerability

The shibboleth_login_form function in shibboleth.php in the Shibboleth plugin before 1.8 for WordPress is prone to an XSS vulnerability due to improper use of add_query_arg(). (CVSS:0.0) (Last Update:2017-09-11)

Vulnerability Details : The shibboleth_login_form function in shibboleth.php in the Shibboleth plugin before 1.8 for WordPress is prone to an XSS vulnerability due to improper use of add_query_arg(). Publish Date : 2017-09-11 Last Update Date : 2017-09-11 - CVSS Scores & Vulnerability Types CVSS Score 0.0 Confidentiality Impact ??? Integrity Impact ??? Availability Impact ??? Access Complexity ??? Authentication ??? Gained Access None Vulnerability Type(s) Cross Site Scripting CWE ID CWE id is not defined for this vulnerability - Products Affected By CVE-2017-14313 # Product Type Vendor Product Version Update Edition Language No vulnerable product found. If the vulnerability is created recently it may take a few days to gather vulnerable products list and other information like cvss scores. Please check again in a few days. - References For CVE-2017-14313 https://bugs.debian.org/874416 CONFIRM https://github.com/michaelryanmcneill/shibboleth/commit/1d65ad6786282d23ba1865f56e2fd19188e7c26a CONFIRM

- Metasploit Modules Related To CVE-2017-14313 There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information)