exploitDog

GHSA-59mh-243q-3prc

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

In Ericsson ECM before 18.0, it was observed that Security Management Endpoint in User Profile Management Section is vulnerable to stored XSS via a name, leading to session hijacking and full account takeover.

In Ericsson ECM before 18.0, it was observed that Security Management Endpoint in User Profile Management Section is vulnerable to stored XSS via a name, leading to session hijacking and full account takeover.

Ссылки

EPSS

Процентиль: 43%

0.00206

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2021-41391

CVSS3: 5.4

nvd

больше 4 лет назад

In Ericsson ECM before 18.0, it was observed that Security Management Endpoint in User Profile Management Section is vulnerable to stored XSS via a name, leading to session hijacking and full account takeover.

EPSS

Процентиль: 43%

0.00206

Низкий

CVE ID

Дефекты

CWE-79