exploitDog

GHSA-8f9r-wqpf-9qpm

Опубликовано: 21 июн. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the parameter "sectionContent" related to the functionality of adding notes to an uploaded file.

Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the parameter "sectionContent" related to the functionality of adding notes to an uploaded file.

Ссылки

EPSS

Процентиль: 67%

0.00548

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2024-37675

CVSS3: 5.4

nvd

больше 1 года назад

Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the parameter "sectionContent" related to the functionality of adding notes to an uploaded file.

EPSS

Процентиль: 67%

0.00548

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79