{"containers":{"cna":{"affected":[{"product":"Admin Custom Login Plugin","vendor":"unspecified","versions":[{"status":"affected","version":"2.4.5.2"}]}],"credits":[{"lang":"en","value":"Burak Kelebek"}],"descriptions":[{"lang":"en","value":"A vulnerability was found in Admin Custom Login Plugin 2.4.5.2. It has been classified as problematic. Affected is an unknown function. The manipulation leads to basic cross site scripting (Persistent). It is possible to launch the attack remotely."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":3.5,"baseSeverity":"LOW","confidentialityImpact":"NONE","integrityImpact":"LOW","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-80","description":"CWE-80 Basic Cross Site Scripting","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2022-06-27T18:11:08.000Z","orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB"},"references":[{"tags":["x_refsource_MISC"],"url":"http://seclists.org/fulldisclosure/2017/Feb/75"},{"tags":["x_refsource_MISC"],"url":"https://vuldb.com/?id.97368"}],"title":"Admin Custom Login Plugin Persistent cross site scripting","x_generator":"vuldb.com","x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cna@vuldb.com","ID":"CVE-2017-20098","REQUESTER":"cna@vuldb.com","STATE":"PUBLIC","TITLE":"Admin Custom Login Plugin Persistent cross site scripting"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Admin Custom Login Plugin","version":{"version_data":[{"version_value":"2.4.5.2"}]}}]},"vendor_name":""}]}},"credit":"Burak Kelebek","data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"A vulnerability was found in Admin Custom Login Plugin 2.4.5.2. It has been classified as problematic. Affected is an unknown function. The manipulation leads to basic cross site scripting (Persistent). It is possible to launch the attack remotely."}]},"generator":"vuldb.com","impact":{"cvss":{"baseScore":"3.5","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-80 Basic Cross Site Scripting"}]}]},"references":{"reference_data":[{"name":"http://seclists.org/fulldisclosure/2017/Feb/75","refsource":"MISC","url":"http://seclists.org/fulldisclosure/2017/Feb/75"},{"name":"https://vuldb.com/?id.97368","refsource":"MISC","url":"https://vuldb.com/?id.97368"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-05T21:45:25.704Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"http://seclists.org/fulldisclosure/2017/Feb/75"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://vuldb.com/?id.97368"}]},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-04-14T17:07:40.338830Z","id":"CVE-2017-20098","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-04-15T14:12:03.287Z"}}]},"cveMetadata":{"assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","assignerShortName":"VulDB","cveId":"CVE-2017-20098","datePublished":"2022-06-27T18:11:08.000Z","dateReserved":"2022-06-25T00:00:00.000Z","dateUpdated":"2025-04-15T14:12:03.287Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}