GHSA-756h-ggr3-6vcj

Опубликовано: 14 июл. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

Cross Site Scripting (XSS) vulnerability in uBlock Origin extension before 1.41.1 allows remote attackers to run arbitrary code via a spoofed 'MessageSender.url' to the browser renderer process.

Ссылки

EPSS

Процентиль: 38%

0.00164

Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2022-32308

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-32308

CVSS3: 6.1

ubuntu

больше 3 лет назад

Cross Site Scripting (XSS) vulnerability in uBlock Origin extension before 1.41.1 allows remote attackers to run arbitrary code via a spoofed 'MessageSender.url' to the browser renderer process.

CVE-2022-32308

CVSS3: 6.1

nvd

больше 3 лет назад

Cross Site Scripting (XSS) vulnerability in uBlock Origin extension before 1.41.1 allows remote attackers to run arbitrary code via a spoofed 'MessageSender.url' to the browser renderer process.

CVE-2022-32308

CVSS3: 6.1

debian

больше 3 лет назад

Cross Site Scripting (XSS) vulnerability in uBlock Origin extension be ...

EPSS

Процентиль: 38%

0.00164

Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2022-32308

Дефекты

CWE-79