exploitDog

GHSA-r8hg-9x2x-9w8f

Опубликовано: 15 дек. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

A stored cross-site scripting vulnerability exists in the HdConfigActions.aspx altertextlanguages functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability.

A stored cross-site scripting vulnerability exists in the HdConfigActions.aspx altertextlanguages functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability.

Ссылки

EPSS

Процентиль: 88%

0.03886

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

CWE-80

Связанные уязвимости

CVE-2022-28703

CVSS3: 5.4

nvd

около 3 лет назад

A stored cross-site scripting vulnerability exists in the HdConfigActions.aspx altertextlanguages functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability.

EPSS

Процентиль: 88%

0.03886

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

CWE-80