exploitDog

GHSA-53qj-fm7c-wfvq

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

An issue was discovered in Dotcms through 5.0.3. Attackers may perform XSS attacks via the inode, identifier, or fieldName parameter in html/js/dotcms/dijit/image/image_tool.jsp.

An issue was discovered in Dotcms through 5.0.3. Attackers may perform XSS attacks via the inode, identifier, or fieldName parameter in html/js/dotcms/dijit/image/image_tool.jsp.

Ссылки

EPSS

Процентиль: 38%

0.00162

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2018-19554

CVSS3: 5.4

nvd

около 7 лет назад

An issue was discovered in Dotcms through 5.0.3. Attackers may perform XSS attacks via the inode, identifier, or fieldName parameter in html/js/dotcms/dijit/image/image_tool.jsp.

EPSS

Процентиль: 38%

0.00162

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79