Описание
Cross-site scripting (XSS) vulnerability in index.php in phpSysInfo 2.5.4-dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| phpsysinfo | fixed | 2.5.1-6.1 | package | |
| phpgroupware | fixed | 0.9.16.012-1 | package | |
| phpgroupware | not-affected | etch | package | |
| egroupware | fixed | 1.2.107-2.dfsg-1.1 | package |
Примечания
phpsysinfo alone doesn't maintain any data, which makes this an issue
EPSS
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in index.php in phpSysInfo 2.5.4-dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
Cross-site scripting (XSS) vulnerability in index.php in phpSysInfo 2.5.4-dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
Cross-site scripting (XSS) vulnerability in index.php in phpSysInfo 2.5.4-dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
EPSS