exploitDog

GHSA-3fm6-w3v5-p4r7

Опубликовано: 25 сент. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 5.7

Описание

Teedy v1.11 has a vulnerability in its text editor that allows events

to be executed in HTML tags that an attacker could manipulate. Thanks

to this, it is possible to execute malicious JavaScript in the webapp.

Teedy v1.11 has a vulnerability in its text editor that allows events

to be executed in HTML tags that an attacker could manipulate. Thanks

to this, it is possible to execute malicious JavaScript in the webapp.

Ссылки

EPSS

Процентиль: 25%

0.00087

Низкий

5.7 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2023-4892

CVSS3: 5.7

nvd

больше 2 лет назад

Teedy v1.11 has a vulnerability in its text editor that allows events to be executed in HTML tags that an attacker could manipulate. Thanks to this, it is possible to execute malicious JavaScript in the webapp.

EPSS

Процентиль: 25%

0.00087

Низкий

5.7 Medium

CVSS3

CVE ID

Дефекты

CWE-79