exploitDog

GHSA-mhm5-qhmr-4x2g

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Cross-site scripting (XSS) vulnerability in setroubleshoot 2.0.5 allows local users to inject arbitrary web script or HTML via a crafted (1) file or (2) process name, which triggers an Access Vector Cache (AVC) log entry in a log file used during composition of HTML documents for sealert.

Cross-site scripting (XSS) vulnerability in setroubleshoot 2.0.5 allows local users to inject arbitrary web script or HTML via a crafted (1) file or (2) process name, which triggers an Access Vector Cache (AVC) log entry in a log file used during composition of HTML documents for sealert.

Ссылки

EPSS

Процентиль: 22%

0.00069

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2007-5496

redhat

около 17 лет назад

Cross-site scripting (XSS) vulnerability in setroubleshoot 2.0.5 allows local users to inject arbitrary web script or HTML via a crafted (1) file or (2) process name, which triggers an Access Vector Cache (AVC) log entry in a log file used during composition of HTML documents for sealert.

CVE-2007-5496

nvd

около 17 лет назад

Cross-site scripting (XSS) vulnerability in setroubleshoot 2.0.5 allows local users to inject arbitrary web script or HTML via a crafted (1) file or (2) process name, which triggers an Access Vector Cache (AVC) log entry in a log file used during composition of HTML documents for sealert.

ELSA-2008-0061

oracle-oval

около 17 лет назад

ELSA-2008-0061: setroubleshoot security and bug fix update (MODERATE)

EPSS

Процентиль: 22%

0.00069

Низкий

CVE ID

Дефекты

CWE-79