exploitDog

GHSA-hfr8-9v95-p75f

Опубликовано: 10 янв. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

PublicCMS 4.0 is vulnerable to Cross Site Scripting (XSS). Because files can be uploaded and online preview function is provided, pdf files and html files containing malicious code are uploaded, an XSS popup window is realized through online viewing.

PublicCMS 4.0 is vulnerable to Cross Site Scripting (XSS). Because files can be uploaded and online preview function is provided, pdf files and html files containing malicious code are uploaded, an XSS popup window is realized through online viewing.

Ссылки

EPSS

Процентиль: 38%

0.00165

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2023-51252

CVSS3: 5.4

nvd

около 2 лет назад

PublicCMS 4.0 is vulnerable to Cross Site Scripting (XSS). Because files can be uploaded and online preview function is provided, pdf files and html files containing malicious code are uploaded, an XSS popup window is realized through online viewing.

BDU:2024-01139

CVSS3: 5.4

fstec

около 2 лет назад

Уязвимость компонента Online Preview CMS-системы PublicCMS, позволяющая нарушителю проводить межсайтовые сценарные атаки

EPSS

Процентиль: 38%

0.00165

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79