CVE-2017-1000138

Опубликовано: 03 нояб. 2017

Источник: debian

EPSS Низкий

Описание

Mahara 1.10 before 1.10.0 and 15.04 before 15.04.0 are vulnerable to possible cross site scripting when dragging/dropping files into a collection if the file has Javascript code in its title.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
mahara	removed			package

EPSS

Процентиль: 41%

0.00191

Низкий

Связанные уязвимости

CVE-2017-1000138

CVSS3: 5.4

nvd

больше 8 лет назад

Mahara 1.10 before 1.10.0 and 15.04 before 15.04.0 are vulnerable to possible cross site scripting when dragging/dropping files into a collection if the file has Javascript code in its title.

GHSA-cr5q-v43v-q9qg

CVSS3: 5.4

github

больше 3 лет назад

Mahara 1.10 before 1.10.0 and 15.04 before 15.04.0 are vulnerable to possible cross site scripting when dragging/dropping files into a collection if the file has Javascript code in its title.

EPSS

Процентиль: 41%

0.00191

Низкий