{"id":"CVE-2017-6390","details":"An issue was discovered in whatanime.ga before c334dd8499a681587dd4199e90b0aa0eba814c1d. The vulnerability exists due to insufficient filtration of user-supplied data passed to the \"whatanime.ga-master/index.php\" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.","modified":"2026-04-02T00:15:07.181962Z","published":"2017-03-02T06:59:00.293Z","references":[{"type":"WEB","url":"http://www.securityfocus.com/bid/96555"},{"type":"FIX","url":"https://github.com/soruly/whatanime.ga/issues/8"},{"type":"FIX","url":"https://github.com/soruly/whatanime.ga/commit/c334dd8499a681587dd4199e90b0aa0eba814c1d"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/soruly/trace.moe","events":[{"introduced":"0"},{"fixed":"c334dd8499a681587dd4199e90b0aa0eba814c1d"}]},{"type":"GIT","repo":"https://github.com/soruly/trace.moe","events":[{"introduced":"0"},{"fixed":"c334dd8499a681587dd4199e90b0aa0eba814c1d"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-6390.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"34c7155c6fd82b7746fe8b56eb89bf278553c421"}]},{"events":[{"introduced":"whatanime.ga"},{"fixed":"c334dd8499a681587dd4199e90b0aa0eba814c1d"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}