CVE-2023-49469

Опубликовано: 28 дек. 2023

Источник: debian

EPSS Низкий

Описание

Reflected Cross Site Scripting (XSS) vulnerability in Shaarli v0.12.2, allows remote attackers to execute arbitrary code via search tag function.

Пакет	Статус	Версия исправления	Релиз	Тип
shaarli	fixed	0.13.0+dfsg-1		package
shaarli	no-dsa		bookworm	package

https://github.com/shaarli/Shaarli/issues/2038
https://github.com/shaarli/Shaarli/commit/326870f216ba52d80488cb4ba3fadcf1247d7cf8 (v0.13.0)

EPSS

Процентиль: 37%

0.00163

Низкий

CVE-2023-49469

CVSS3: 6.1

ubuntu

около 2 лет назад

Reflected Cross Site Scripting (XSS) vulnerability in Shaarli v0.12.2, allows remote attackers to execute arbitrary code via search tag function.

CVE-2023-49469

CVSS3: 6.1

nvd

около 2 лет назад

Reflected Cross Site Scripting (XSS) vulnerability in Shaarli v0.12.2, allows remote attackers to execute arbitrary code via search tag function.

GHSA-8fxv-xj5w-c8qc

CVSS3: 6.1

github

около 2 лет назад

Reflected Cross Site Scripting (XSS) vulnerability in Shaarli v0.12.2, allows remote attackers to execute arbitrary code via search tag function.

EPSS

Процентиль: 37%

0.00163

Низкий