exploitDog

GHSA-666m-w6mw-m583

Опубликовано: 26 мар. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 4.7

Описание

IBM Cognos Controller 11.0.0 through 11.1.0 is vulnerable to a Client-Side Desync (CSD) attack where an attacker could exploit a desynchronized browser connection that could lead to further cross-site scripting (XSS) attacks.

IBM Cognos Controller 11.0.0 through 11.1.0 is vulnerable to a Client-Side Desync (CSD) attack where an attacker could exploit a desynchronized browser connection that could lead to further cross-site scripting (XSS) attacks.

Ссылки

EPSS

Процентиль: 38%

0.00166

Низкий

4.7 Medium

CVSS3

CVE ID

Дефекты

CWE-444

Связанные уязвимости

CVE-2022-39163

CVSS3: 4.7

nvd

11 месяцев назад

IBM Cognos Controller 11.0.0 through 11.1.0 is vulnerable to a Client-Side Desync (CSD) attack where an attacker could exploit a desynchronized browser connection that could lead to further cross-site scripting (XSS) attacks.

EPSS

Процентиль: 38%

0.00166

Низкий

4.7 Medium

CVSS3

CVE ID

Дефекты

CWE-444