exploitDog

GHSA-32m5-c8qv-fq2h

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Multiple cross-site scripting (XSS) vulnerabilities in (1) mainpage.jsp and (2) GetImageServlet.img in IBM TRIRIGA Application Platform 3.2.1.x, 3.3.2 before 3.3.2.3, and 3.4.1 before 3.4.1.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

Multiple cross-site scripting (XSS) vulnerabilities in (1) mainpage.jsp and (2) GetImageServlet.img in IBM TRIRIGA Application Platform 3.2.1.x, 3.3.2 before 3.3.2.3, and 3.4.1 before 3.4.1.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

Ссылки

EPSS

Процентиль: 41%

0.00188

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2014-8893

nvd

около 11 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in (1) mainpage.jsp and (2) GetImageServlet.img in IBM TRIRIGA Application Platform 3.2.1.x, 3.3.2 before 3.3.2.3, and 3.4.1 before 3.4.1.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

EPSS

Процентиль: 41%

0.00188

Низкий

CVE ID

Дефекты

CWE-79