exploitDog

GHSA-9w68-4r79-85mx

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

Cross-site scripting (XSS) vulnerability in system_name_set.cgi in TP-Link TL-SG108E 1.0.0 allows authenticated remote attackers to submit arbitrary java script via the 'sysName' parameter.

Cross-site scripting (XSS) vulnerability in system_name_set.cgi in TP-Link TL-SG108E 1.0.0 allows authenticated remote attackers to submit arbitrary java script via the 'sysName' parameter.

Ссылки

EPSS

Процентиль: 37%

0.00157

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2017-17745

CVSS3: 5.4

nvd

около 8 лет назад

Cross-site scripting (XSS) vulnerability in system_name_set.cgi in TP-Link TL-SG108E 1.0.0 allows authenticated remote attackers to submit arbitrary java script via the 'sysName' parameter.

EPSS

Процентиль: 37%

0.00157

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79