exploitDog

GHSA-68vv-6jg5-67fm

Опубликовано: 26 июл. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

Interactive Forms (IAF) in GX Software XperienCentral versions 10.29.1 until 10.33.0 was vulnerable to cross site scripting attacks (XSS) because the CSP header uses eval() in the script-src.

Interactive Forms (IAF) in GX Software XperienCentral versions 10.29.1 until 10.33.0 was vulnerable to cross site scripting attacks (XSS) because the CSP header uses eval() in the script-src.

Ссылки

EPSS

Процентиль: 50%

0.00271

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-43711

CVSS3: 6.1

nvd

больше 2 лет назад

Interactive Forms (IAF) in GX Software XperienCentral versions 10.29.1 until 10.33.0 was vulnerable to cross site scripting attacks (XSS) because the CSP header uses eval() in the script-src.

EPSS

Процентиль: 50%

0.00271

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79