exploitDog

GHSA-f299-j7j4-m9w9

Опубликовано: 15 фев. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

Cross-site Scripting in SOS JobScheduler

A cross-site scripting (XSS) vulnerability in the JOC Cockpit component of SOS JobScheduler 1.11 and 1.13.2 allows attackers to inject arbitrary web script or HTML via JSON properties available from the REST API.

Ссылки

EPSS

Процентиль: 59%

0.00374

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2020-6854

CVSS3: 5.4

nvd

около 6 лет назад

A cross-site scripting (XSS) vulnerability in the JOC Cockpit component of SOS JobScheduler 1.11 and 1.13.2 allows attackers to inject arbitrary web script or HTML via JSON properties available from the REST API.

EPSS

Процентиль: 59%

0.00374

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79