{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "0" }, { "last_affected": "34c7155c6fd82b7746fe8b56eb89bf278553c421" } ] }, { "events": [ { "introduced": "whatanime.ga" }, { "fixed": "c334dd8499a681587dd4199e90b0aa0eba814c1d" } ] } ] }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "c334dd8499a681587dd4199e90b0aa0eba814c1d" } ], "repo": "https://github.com/soruly/trace.moe", "type": "GIT" }, { "events": [ { "introduced": "0" }, { "fixed": "c334dd8499a681587dd4199e90b0aa0eba814c1d" } ], "repo": "https://github.com/soruly/trace.moe", "type": "GIT" } ] } ], "details": "An issue was discovered in whatanime.ga before c334dd8499a681587dd4199e90b0aa0eba814c1d. The vulnerability exists due to insufficient filtration of user-supplied data passed to the \"whatanime.ga-master/index.php\" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.", "id": "CVE-2017-6390", "modified": "2026-04-01T23:08:05.366393032Z", "published": "2017-03-02T06:59:00.293Z", "references": [ { "type": "WEB", "url": "http://www.securityfocus.com/bid/96555" }, { "type": "FIX", "url": "https://github.com/soruly/whatanime.ga/issues/8" }, { "type": "FIX", "url": "https://github.com/soruly/whatanime.ga/commit/c334dd8499a681587dd4199e90b0aa0eba814c1d" } ], "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "type": "CVSS_V3" } ] }