Description XSS was discovered in dotCMS 3.7.0, with an authenticated attack against the /myAccount addressID parameter. Remediation References CVE-2017-5875 Related Vulnerabilities WordPress Plugin Customer Reviews for WooCommerce Cross-Site Scripting (5.16.0) Jboss EAP Credentials Management Errors Vulnerability (CVE-2012-0034) Apache HTTP Server Other Vulnerability (CVE-2002-0661) WordPress Plugin Blunt GA Cross-Site Scripting (4.0.0) SharePoint CVE-2021-41344 Vulnerability (CVE-2021-41344) Severity Medium Classification CVE-2017-5875 CWE-707 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Tags Missing Update Known Vulnerabilities