Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-jxf4-6hgg-qvgr

Опубликовано: 29 апр. 2022
Источник: github
Github: Не прошло ревью

Описание

Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query tool allow remote attackers to execute arbitrary web script via (1) the file, root, or rev parameters to cvslog.cgi, (2) the file or root parameters to cvsblame.cgi, (3) various parameters to cvsquery.cgi, (4) the person parameter to showcheckins.cgi, (5) the module parameter to cvsqueryform.cgi, and (6) possibly other attack vectors as identified by Mozilla bug #146244.

Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query tool allow remote attackers to execute arbitrary web script via (1) the file, root, or rev parameters to cvslog.cgi, (2) the file or root parameters to cvsblame.cgi, (3) various parameters to cvsquery.cgi, (4) the person parameter to showcheckins.cgi, (5) the module parameter to cvsqueryform.cgi, and (6) possibly other attack vectors as identified by Mozilla bug #146244.

Ссылки

EPSS

Процентиль: 94%
0.13333
Средний

CVE ID

CVE-2003-0154

Связанные уязвимости

nvd логотип

CVE-2003-0154

nvd
около 22 лет назад

Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query tool allow remote attackers to execute arbitrary web script via (1) the file, root, or rev parameters to cvslog.cgi, (2) the file or root parameters to cvsblame.cgi, (3) various parameters to cvsquery.cgi, (4) the person parameter to showcheckins.cgi, (5) the module parameter to cvsqueryform.cgi, and (6) possibly other attack vectors as identified by Mozilla bug #146244.

debian логотип

CVE-2003-0154

debian
около 22 лет назад

Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query ...

EPSS

Процентиль: 94%
0.13333
Средний

CVE ID

CVE-2003-0154