exploitDog

GHSA-px9p-4jmh-7m47

Опубликовано: 23 июл. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

Cross-site Scripting (XSS) vulnerability in "Extension:ExtendedSearch" of Hallo Welt! GmbH BlueSpice allows attacker to inject arbitrary HTML (XSS) on page "Special:SearchCenter", using the search term in the URL.

Cross-site Scripting (XSS) vulnerability in "Extension:ExtendedSearch" of Hallo Welt! GmbH BlueSpice allows attacker to inject arbitrary HTML (XSS) on page "Special:SearchCenter", using the search term in the URL.

Ссылки

EPSS

Процентиль: 49%

0.00258

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-2510

CVSS3: 4.3

nvd

больше 3 лет назад

Cross-site Scripting (XSS) vulnerability in "Extension:ExtendedSearch" of Hallo Welt! GmbH BlueSpice allows attacker to inject arbitrary HTML (XSS) on page "Special:SearchCenter", using the search term in the URL.

EPSS

Процентиль: 49%

0.00258

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79