exploitDog

GHSA-pv7m-66r4-95xg

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

OX App Suite 7.10.4 and earlier allows XSS via crafted content to reach an undocumented feature, such as ![](http://onerror=Function.constructor, in a Notes item.

OX App Suite 7.10.4 and earlier allows XSS via crafted content to reach an undocumented feature, such as ![](http://onerror=Function.constructor, in a Notes item.

Ссылки

EPSS

Процентиль: 60%

0.00403

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2020-28945

CVSS3: 6.1

nvd

почти 5 лет назад

OX App Suite 7.10.4 and earlier allows XSS via crafted content to reach an undocumented feature, such as ![](http://onerror=Function.constructor, in a Notes item.

EPSS

Процентиль: 60%

0.00403

Низкий

CVE ID

Дефекты

CWE-79