exploitDog

GHSA-mw97-9v5p-rf9q

Опубликовано: 17 нояб. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

A stored XSS vulnerability was discovered in adminweb/ra/viewendentity.jsp in PrimeKey EJBCA through 7.9.0.2. A low-privilege user can store JavaScript in order to exploit a higher-privilege user.

A stored XSS vulnerability was discovered in adminweb/ra/viewendentity.jsp in PrimeKey EJBCA through 7.9.0.2. A low-privilege user can store JavaScript in order to exploit a higher-privilege user.

Ссылки

EPSS

Процентиль: 67%

0.00548

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-39834

CVSS3: 5.4

nvd

около 3 лет назад

A stored XSS vulnerability was discovered in adminweb/ra/viewendentity.jsp in PrimeKey EJBCA through 7.9.0.2. A low-privilege user can store JavaScript in order to exploit a higher-privilege user.

EPSS

Процентиль: 67%

0.00548

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79