cpe:/a:connectwise:manage:2017.5 CVE-2017-11727 2017-07-31T19:29:00.287-04:00 2017-08-04T11:54:10.567-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2017-08-02T09:35:56.347-04:00 MISC https://becomepentester.blogspot.in/2017/07/ConnectWise-Manage-XSS-CVE-2017-11727.html services/system_io/actionprocessor/Contact.rails in ConnectWise Manage 2017.5 allows arbitrary client-side JavaScript code execution (involving a ContactCommon field) on victims who click on a crafted link, aka XSS.