exploitDog

GHSA-pgf5-9895-3ph9

Опубликовано: 04 апр. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 9.6

Описание

SiYuan version 3.0.3 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to Server Side XSS.

SiYuan version 3.0.3 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to Server Side XSS.

Ссылки

EPSS

Процентиль: 53%

0.00297

Низкий

9.6 Critical

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2024-2692

CVSS3: 9

nvd

почти 2 года назад

SiYuan version 3.0.3 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to Server Side XSS.

EPSS

Процентиль: 53%

0.00297

Низкий

9.6 Critical

CVSS3

CVE ID

Дефекты

CWE-79