CVE-2017-9140

EPSS 4.84% · P90 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-9140

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Cross-site scripting (XSS) vulnerability in Telerik.ReportViewer.WebForms.dll in Telerik Reporting for ASP.NET WebForms Report Viewer control before R1 2017 SP2 (11.0.17.406) allows remote attackers to inject arbitrary web script or HTML via the bgColor parameter to Telerik.ReportViewer.axd.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Telerik Reporting for ASP.NET WebForms Report Viewer control 跨站脚本漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Telerik Reporting for ASP.NET WebForms Report Viewer control是美国Telerik公司开发的一个基于ASP.NET的报表生成控件。 Telerik ASP.NET WebForms Report Viewer control R1 2017 SP2 (11.0.17.406)之前的版本中的Telerik Reporting存在跨站脚本漏洞。远程攻击者可利用该漏洞注入任意的Web脚本或HTML。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2017-9140

#	POC Description	Source Link	Shenlong Link
1	Cross-site scripting vulnerability in Telerik.ReportViewer.WebForms.dll in Telerik Reporting for ASP.NET WebForms Report Viewer control before R1 2017 SP2 (11.0.17.406) allows remote attackers to inject arbitrary web script or HTML via the bgColor parameter to Telerik.ReportViewer.axd.	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2017/CVE-2017-9140.yaml	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2017-9140

请登录查看更多情报信息。

Same Patch Batch · n/a · 2017-05-22 · 101 CVEs total

CVE-2017-2544		Apple iOS和Safari WebKit 安全漏洞
CVE-2017-2538		Apple iOS和Safari WebKit 安全漏洞
CVE-2017-2534		Apple macOS Sierra Speech Framework 安全漏洞
CVE-2017-2533		Apple macOS Sierra DiskArbitration 竞争条件漏洞
CVE-2017-2531		多款Apple产品WebKit组件安全漏洞
CVE-2017-2530		多款Apple产品WebKit组件安全漏洞
CVE-2017-2528		Apple iOS和Safari WebKit 安全漏洞
CVE-2017-2535		Apple macOS Sierra Security 安全漏洞
CVE-2017-2542		Apple macOS Sierra Multi-Touch 安全漏洞
CVE-2017-2543		Apple macOS Sierra Multi-Touch 安全漏洞
CVE-2017-2541		Apple macOS Sierra WindowServer 安全漏洞
CVE-2017-2545		Apple macOS Sierra IOGraphics 安全漏洞
CVE-2017-2546		Apple macOS Sierra Kernel 安全漏洞
CVE-2017-2547		Apple iOS和Safari WebKit 安全漏洞
CVE-2017-2548		Apple macOS Sierra WindowServer 安全漏洞
CVE-2017-2549		多款Apple产品WebKit 安全漏洞
CVE-2017-6977		Apple macOS Sierra Speech Framework 安全漏洞
CVE-2017-6978		Apple macOS Sierra Accessibility Framework 安全漏洞
CVE-2017-6979		多款Apple产品IOSurface组件竞争条件漏洞
CVE-2017-6980		多款Apple产品WebKit 安全漏洞

Showing top 20 of 101 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2017-9140

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2017-9140

I. Basic Information for CVE-2017-9140

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2017-9140

III. Intelligence Information for CVE-2017-9140

Same Patch Batch · n/a · 2017-05-22 · 101 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2017-9140

Leave a comment