exploitDog

GHSA-6p3q-v495-f3jw

Опубликовано: 20 сент. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

Safe Software FME Server v2022.0.1.1 and below contains a cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the login page.

Safe Software FME Server v2022.0.1.1 and below contains a cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the login page.

Ссылки

EPSS

Процентиль: 70%

0.00642

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-38339

CVSS3: 9.6

nvd

больше 3 лет назад

Safe Software FME Server v2021.2.5, v2022.0.0.2 and below contains a cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the login page.

EPSS

Процентиль: 70%

0.00642

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79