Description XSS was discovered in dotCMS 3.7.0, with an authenticated attack against the /myAccount addressID parameter. Remediation References CVE-2017-5875 Related Vulnerabilities WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.12) ownCloud Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-1500) Oracle Database Server CVE-2015-0370 Vulnerability (CVE-2015-0370) WebLogic CVE-2019-2615 Vulnerability (CVE-2019-2615) MySQL CVE-2022-21617 Vulnerability (CVE-2022-21617) Severity Medium Classification CVE-2017-5875 CWE-707 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Tags Missing Update Known Vulnerabilities