GHSA-7cf2-f2c4-4qv4

Опубликовано: 28 июл. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

Yii 2 v2.0.45 was discovered to contain a cross-site scripting (XSS) vulnerability via the endpoint /books.

Ссылки

EPSS

Процентиль: 23%

0.00076

Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2022-31454

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-31454

CVSS3: 6.1

nvd

больше 2 лет назад

Yii 2 v2.0.45 was discovered to contain a cross-site scripting (XSS) vulnerability via the endpoint /books. NOTE: this is disputed by the vendor because the cve-2022-31454-8e8555c31fd3 page does not describe why /books has a relationship to Yii 2.

CVE-2022-31454

CVSS3: 6.1

debian

больше 2 лет назад

Yii 2 v2.0.45 was discovered to contain a cross-site scripting (XSS) v ...

EPSS

Процентиль: 23%

0.00076

Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2022-31454

Дефекты

CWE-79