Описание
eramba c2.8.1 and Enterprise before e2.19.3 allows XSS via a crafted filename for a file attached to an object. For example, the filename has a complete XSS payload followed by the .png extension.
eramba c2.8.1 and Enterprise before e2.19.3 allows XSS via a crafted filename for a file attached to an object. For example, the filename has a complete XSS payload followed by the .png extension.
EPSS
Процентиль: 56%
0.00343
Низкий
CVE ID
Связанные уязвимости
CVSS3: 5.4
nvd
больше 5 лет назад
eramba c2.8.1 and Enterprise before e2.19.3 allows XSS via a crafted filename for a file attached to an object. For example, the filename has a complete XSS payload followed by the .png extension.
EPSS
Процентиль: 56%
0.00343
Низкий