exploitDog

GHSA-gxw6-rh79-pv7x

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Multiple cross-site scripting (XSS) vulnerabilities in (1) application/views/admin/layout.php and (2) themes/default/views/header.php in the Ushahidi Platform before 2.5 allow remote authenticated users to inject arbitrary web script or HTML via vectors related to a site name.

Multiple cross-site scripting (XSS) vulnerabilities in (1) application/views/admin/layout.php and (2) themes/default/views/header.php in the Ushahidi Platform before 2.5 allow remote authenticated users to inject arbitrary web script or HTML via vectors related to a site name.

Ссылки

EPSS

Процентиль: 37%

0.00159

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2012-3476

nvd

больше 13 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in (1) application/views/admin/layout.php and (2) themes/default/views/header.php in the Ushahidi Platform before 2.5 allow remote authenticated users to inject arbitrary web script or HTML via vectors related to a site name.

EPSS

Процентиль: 37%

0.00159

Низкий

CVE ID

Дефекты

CWE-79