Описание
Scripts in Sling CMS before 0.16.0 do not property escape the Sling Selector from URLs when generating navigational elements for the administrative consoles and are vulnerable to reflected XSS attacks.
Scripts in Sling CMS before 0.16.0 do not property escape the Sling Selector from URLs when generating navigational elements for the administrative consoles and are vulnerable to reflected XSS attacks.
EPSS
Процентиль: 83%
0.01831
Низкий
CVE ID
Связанные уязвимости
CVSS3: 6.1
nvd
почти 6 лет назад
Scripts in Sling CMS before 0.16.0 do not property escape the Sling Selector from URLs when generating navigational elements for the administrative consoles and are vulnerable to reflected XSS attacks.
EPSS
Процентиль: 83%
0.01831
Низкий