Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2021-43725

Опубликовано: 28 мар. 2022
Источник: debian
EPSS Низкий

Описание

There is a Cross Site Scripting (XSS) vulnerability in SpotPage_login.php of Spotweb 1.5.1 and below, which allows remote attackers to inject arbitrary web script or HTML via the data[performredirect] parameter.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
spotwebremovedpackage
spotwebno-dsabusterpackage
spotwebno-dsastretchpackage

Примечания

  • https://github.com/spotweb/spotweb/commit/2bfa001689aae96009688a193c64478647ba45a1

  • https://github.com/spotweb/spotweb/issues/718

EPSS

Процентиль: 78%
0.01081
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2021-43725

CVSS3: 6.1
ubuntu
почти 4 года назад

There is a Cross Site Scripting (XSS) vulnerability in SpotPage_login.php of Spotweb 1.5.1 and below, which allows remote attackers to inject arbitrary web script or HTML via the data[performredirect] parameter.

nvd логотип

CVE-2021-43725

CVSS3: 6.1
nvd
почти 4 года назад

There is a Cross Site Scripting (XSS) vulnerability in SpotPage_login.php of Spotweb 1.5.1 and below, which allows remote attackers to inject arbitrary web script or HTML via the data[performredirect] parameter.

github логотип

GHSA-h24p-w6x4-wgf8

CVSS3: 6.1
github
почти 4 года назад

There is a Cross Site Scripting (XSS) vulnerability in SpotPage_login.php of Spotweb 1.5.1 and below, which allows remote attackers to inject arbitrary web script or HTML via the data[performredirect] parameter.

EPSS

Процентиль: 78%
0.01081
Низкий