MEDIUM
Soruly
CVE published 2017-03-02
CVE-2017-6390
CVE-2017-6390 is a cross-site scripting vulnerability in whatanime.ga that could let an attacker inject HTML and script into the site’s browser context. The issue is described as insufficient filtration of user-supplied data passed to whatanime.ga-master/index.php, and the available references point to a patch commit and related issue discussion.