exploitDog

GHSA-26cq-q9jv-w39f

Опубликовано: 01 дек. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

A cross-site scripting (XSS) vulnerability exists in all current versions of Digital Alert Systems DASDEC software via the Host Header in undisclosed pages after login.

A cross-site scripting (XSS) vulnerability exists in all current versions of Digital Alert Systems DASDEC software via the Host Header in undisclosed pages after login.

Ссылки

EPSS

Процентиль: 68%

0.00576

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-40204

CVSS3: 4.1

nvd

почти 3 года назад

A cross-site scripting (XSS) vulnerability exists in all current versions of Digital Alert Systems DASDEC software via the Host Header in undisclosed pages after login.

EPSS

Процентиль: 68%

0.00576

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79