exploitDog

GHSA-6qhh-f5q8-f9mh

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

Cross-site scripting (XSS) vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.8.0-3456 allows remote authenticated users to inject arbitrary web scripts or HTML via the id parameter.

Cross-site scripting (XSS) vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.8.0-3456 allows remote authenticated users to inject arbitrary web scripts or HTML via the id parameter.

Ссылки

EPSS

Процентиль: 41%

0.00187

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2017-12072

CVSS3: 5.4

nvd

около 8 лет назад

Cross-site scripting (XSS) vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.8.0-3456 allows remote authenticated users to inject arbitrary web scripts or HTML via the id parameter.

EPSS

Процентиль: 41%

0.00187

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79