Описание
FitNesse Cross-site Scripting vulnerability
Cross-site scripting vulnerability exists in FitNesse releases prior to 20220319, which may allow a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product and accessing a link with a specially crafted certain parameter.
Пакеты
Наименование
org.fitnesse:fitnesse
maven
Затронутые версииВерсия исправления
< 20220319
20220319
Связанные уязвимости
CVSS3: 6.1
nvd
почти 2 года назад
Cross-site scripting vulnerability exists in FitNesse releases prior to 20220319, which may allow a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product and accessing a link with a specially crafted certain parameter.