CVE-2021-22878

Опубликовано: 03 мар. 2021

Источник: debian

EPSS Низкий

Описание

Nextcloud Server prior to 20.0.6 is vulnerable to reflected cross-site scripting (XSS) due to lack of sanitization in `OC.Notification.show`.

Пакет	Статус	Версия исправления	Релиз	Тип
nextcloud-server	itp			package

EPSS

Процентиль: 58%

0.00368

Низкий

CVE-2021-22878

CVSS3: 4.8

nvd

больше 4 лет назад

Nextcloud Server prior to 20.0.6 is vulnerable to reflected cross-site scripting (XSS) due to lack of sanitization in `OC.Notification.show`.

GHSA-3qm7-9jrc-h4gp

github

около 3 лет назад

Nextcloud Server prior to 20.0.6 is vulnerable to reflected cross-site scripting (XSS) due to lack of sanitization in `OC.Notification.show`.

EPSS

Процентиль: 58%

0.00368

Низкий