exploitDog

GHSA-9f4m-xrm4-4h98

Опубликовано: 23 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 7.3

Описание

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hotech Software Inc. Otello allows Stored XSS.This issue affects Otello: from 2.4.0 before 2.4.4.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hotech Software Inc. Otello allows Stored XSS.This issue affects Otello: from 2.4.0 before 2.4.4.

Ссылки

EPSS

Процентиль: 11%

0.00038

Низкий

7.3 High

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2025-13183

CVSS3: 7.3

nvd

около 2 месяцев назад

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hotech Software Inc. Otello allows Stored XSS.This issue affects Otello: from 2.4.0 before 2.4.4.

EPSS

Процентиль: 11%

0.00038

Низкий

7.3 High

CVSS3

CVE ID

Дефекты

CWE-79