exploitDog

GHSA-6362-hmcr-gv4j

Опубликовано: 09 мая 2025

Источник: github

Github: Не прошло ревью

CVSS4: 5.3

Описание

Improper Input Validation vulnerability in Sparx Systems Pro Cloud Server's WebEA model search field allows Cross-Site Scripting (XSS). This issue affects Pro Cloud Server: earlier than 6.0.165.

Improper Input Validation vulnerability in Sparx Systems Pro Cloud Server's WebEA model search field allows Cross-Site Scripting (XSS). This issue affects Pro Cloud Server: earlier than 6.0.165.

Ссылки

EPSS

Процентиль: 42%

0.00199

Низкий

5.3 Medium

CVSS4

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2025-4376

nvd

9 месяцев назад

Improper Input Validation vulnerability in Sparx Systems Pro Cloud Server's WebEA model search field allows Cross-Site Scripting (XSS). This issue affects Pro Cloud Server: earlier than 6.0.165.

EPSS

Процентиль: 42%

0.00199

Низкий

5.3 Medium

CVSS4

CVE ID

Дефекты

CWE-20