exploitDog

GHSA-4vjw-6g94-68x5

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

services/system_io/actionprocessor/Contact.rails in ConnectWise Manage 2017.5 allows arbitrary client-side JavaScript code execution (involving a ContactCommon field) on victims who click on a crafted link, aka XSS.

services/system_io/actionprocessor/Contact.rails in ConnectWise Manage 2017.5 allows arbitrary client-side JavaScript code execution (involving a ContactCommon field) on victims who click on a crafted link, aka XSS.

Ссылки

EPSS

Процентиль: 62%

0.00427

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2017-11727

CVSS3: 6.1

nvd

больше 8 лет назад

services/system_io/actionprocessor/Contact.rails in ConnectWise Manage 2017.5 allows arbitrary client-side JavaScript code execution (involving a ContactCommon field) on victims who click on a crafted link, aka XSS.

EPSS

Процентиль: 62%

0.00427

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79