exploitDog

GHSA-cpw6-5jfx-2w4c

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.8

Описание

The help window in Epicor CRS Retail Store before 3.2.03.01.008 allows local users to execute arbitrary code by injecting Javascript into the window source to create a button that spawns a command shell.

The help window in Epicor CRS Retail Store before 3.2.03.01.008 allows local users to execute arbitrary code by injecting Javascript into the window source to create a button that spawns a command shell.

Ссылки

EPSS

Процентиль: 34%

0.00139

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-77

Связанные уязвимости

CVE-2015-2210

CVSS3: 7.8

nvd

больше 8 лет назад

The help window in Epicor CRS Retail Store before 3.2.03.01.008 allows local users to execute arbitrary code by injecting Javascript into the window source to create a button that spawns a command shell.

EPSS

Процентиль: 34%

0.00139

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-77