Опубликовано: 02 окт. 2024
Источник: github
Github: Прошло ревью
CVSS4: 1.8
CVSS3: 4.8
Описание
Zenario allows authenticated admin users to upload PDF files containing malicious code
Zenario 9.7.61188 allows authenticated admin users to upload PDF files containing malicious code into the target system. If the PDF file is accessed through the website, it can trigger a Cross Site Scripting (XSS) attack.
Пакеты
Наименование
tribalsystems/zenario
composer
Затронутые версииВерсия исправления
<= 9.7.61188
Отсутствует
Связанные уязвимости
CVSS3: 4.8
nvd
больше 1 года назад
Zenario 9.7.61188 allows authenticated admin users to upload PDF files containing malicious code into the target system. If the PDF file is accessed through the website, it can trigger a Cross Site Scripting (XSS) attack.