exploitDog

GHSA-8gfj-456m-vp3q

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.8

Описание

The "HTML Include and replace macro" plugin before 1.5.0 for Confluence Server allows a bypass of the includeScripts=false XSS protection mechanism via vectors involving an IFRAME element.

The "HTML Include and replace macro" plugin before 1.5.0 for Confluence Server allows a bypass of the includeScripts=false XSS protection mechanism via vectors involving an IFRAME element.

Ссылки

EPSS

Процентиль: 81%

0.01478

Низкий

6.8 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2019-15053

CVSS3: 6.8

nvd

больше 6 лет назад

The "HTML Include and replace macro" plugin before 1.5.0 for Confluence Server allows a bypass of the includeScripts=false XSS protection mechanism via vectors involving an IFRAME element.

EPSS

Процентиль: 81%

0.01478

Низкий

6.8 Medium

CVSS3

CVE ID

Дефекты

CWE-79