CVE-2017-5246

Biscom Secure File Transfer is vulnerable to AngularJS expression injection in the Display Name field. An authenticated user can populate this field with a valid AngularJS expression, wrapped in double curly-braces ({{ }}). This expression will be evaluated by any other authenticated user who views the attacker's display name. Affected versions are 5.0.0000 through 5.1.1026. The Issue is fixed in 5.1.1028.
Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
rapid7CNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 51%
VendorProductVersion
biscomsecure_file_transfer
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://cve.biscom.com/bis-sft-cv-0004/
https://twitter.com/i_bo0om/status/885050741567750145
https://cve.biscom.com/bis-sft-cv-0004/
https://twitter.com/i_bo0om/status/885050741567750145