{"id":"CVE-2017-16919","details":"MapOS 3.1.11 and earlier has a Stored Cross-site Scripting (XSS) vulnerability in /clientes/visualizar, which allows remote attackers to inject arbitrary web script or HTML via a crafted description parameter.","modified":"2026-03-14T09:24:52.482689Z","published":"2017-11-21T08:29:00.257Z","references":[{"type":"REPORT","url":"https://github.com/RamonSilva20/mapos/issues/81"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ramonsilva20/mapos","events":[{"introduced":"0"},{"last_affected":"3832f555ce906d9e821766884f3d71a78ae3cbad"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"3.1.11"}]}}],"versions":["v2.6.4","v3.1.11","v3.1.5"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-16919.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}]}