exploitDog

GHSA-f94v-3w62-8844

Опубликовано: 04 июн. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

In Real Player 20.0.8.310, the G2 Control allows injection of unsafe javascript: URIs in local HTTP error pages (displayed by Internet Explorer core). This leads to arbitrary code execution.

In Real Player 20.0.8.310, the G2 Control allows injection of unsafe javascript: URIs in local HTTP error pages (displayed by Internet Explorer core). This leads to arbitrary code execution.

Ссылки

EPSS

Процентиль: 78%

0.01185

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-74

Связанные уязвимости

CVE-2022-32269

CVSS3: 9.8

nvd

больше 3 лет назад

In Real Player 20.0.8.310, the G2 Control allows injection of unsafe javascript: URIs in local HTTP error pages (displayed by Internet Explorer core). This leads to arbitrary code execution.

EPSS

Процентиль: 78%

0.01185

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-74