CVE-2022-25020

Опубликовано: 01 мар. 2022

Источник: debian

Описание

A cross-site scripting (XSS) vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
pluxml	removed			package
pluxml	end-of-life		buster	package

Примечания

https://github.com/MoritzHuppert/CVE-2022-25020/blob/main/CVE-2022-25020.pdf

Связанные уязвимости

CVE-2022-25020

CVSS3: 5.4

ubuntu

почти 4 года назад

A cross-site scripting (XSS) vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post.

CVE-2022-25020

CVSS3: 5.4

nvd

почти 4 года назад

A cross-site scripting (XSS) vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post.

GHSA-c2vp-3hpx-rwcc

CVSS3: 5.4

github

почти 4 года назад

A cross-site scripting (XSS) vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post.