MEDIUM
Inter Mediator
CVE published 2017-03-05
CVE-2017-6484
CVE-2017-6484 describes multiple cross-site scripting (XSS) issues in INTER-Mediator 5.5. The problem is in the PasswordReset/resetpassword.php flow, where insufficient filtration of the user-supplied c and cred parameters can let an attacker inject HTML or script that runs in a victim browser in the context of the vulnerable website.