exploitDog

GHSA-ffj3-j67f-53c8

Опубликовано: 01 нояб. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

Javascript injection in PDFtron in M-Files Hubshare before 3.3.10.9 allows authenticated attackers to perform an account takeover via a crafted PDF upload.

Javascript injection in PDFtron in M-Files Hubshare before 3.3.10.9 allows authenticated attackers to perform an account takeover via a crafted PDF upload.

Ссылки

EPSS

Процентиль: 68%

0.00567

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-20

CWE-74

Связанные уязвимости

CVE-2022-39016

CVSS3: 8.2

nvd

больше 3 лет назад

Javascript injection in PDFtron in M-Files Hubshare before 3.3.10.9 allows authenticated attackers to perform an account takeover via a crafted PDF upload.

EPSS

Процентиль: 68%

0.00567

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-20

CWE-74