exploitDog

GHSA-fw7h-2grr-4rjq

Опубликовано: 06 мар. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

KioWare through 8.33 on Windows sets KioScriptingUrlACL.AclActions.AllowHigh for the about:blank origin, which allows attackers to obtain SYSTEM access via KioUtils.Execute in JavaScript code.

KioWare through 8.33 on Windows sets KioScriptingUrlACL.AclActions.AllowHigh for the about:blank origin, which allows attackers to obtain SYSTEM access via KioUtils.Execute in JavaScript code.

Ссылки

EPSS

Процентиль: 81%

0.01481

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-44875

CVSS3: 5.4

nvd

почти 3 года назад

KioWare through 8.33 on Windows sets KioScriptingUrlACL.AclActions.AllowHigh for the about:blank origin, which allows attackers to obtain SYSTEM access via KioUtils.Execute in JavaScript code.

EPSS

Процентиль: 81%

0.01481

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79