GHSA-g4rw-82hq-8jpr

Опубликовано: 13 мая 2022

Источник: github

Github: Прошло ревью

CVSS3: 6.1

Описание

MapProxy vulnerable to cross-site scripting in demo service

MapProxy version 1.11.1 and older are vulnerable to cross-site scripting in the demo service resulting in possible information disclosure. An incomplete fix was released in v1.10.4, and a complete fix was released in v1.11.1.

Ссылки

Пакеты

Наименование

MapProxy

pip

Затронутые версииВерсия исправления

< 1.11.1

1.11.1

EPSS

Процентиль: 45%

0.00229

Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2017-1000426

Дефекты

CWE-79

Связанные уязвимости

CVE-2017-1000426

CVSS3: 6.1

ubuntu

около 8 лет назад

MapProxy version 1.10.3 and older is vulnerable to a Cross Site Scripting attack in the demo service resulting in possible information disclosure.

CVE-2017-1000426

CVSS3: 6.1

nvd

около 8 лет назад

MapProxy version 1.10.3 and older is vulnerable to a Cross Site Scripting attack in the demo service resulting in possible information disclosure.

CVE-2017-1000426

CVSS3: 6.1

debian

около 8 лет назад

MapProxy version 1.10.3 and older is vulnerable to a Cross Site Script ...

EPSS

Процентиль: 45%

0.00229

Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2017-1000426

Дефекты

CWE-79