exploitDog

GHSA-rvm9-vjh6-7fhr

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

Flower 1.0.0 has XSS via a crafted worker name.

Flower 1.0.0 has XSS via a crafted worker name.

Ссылки

EPSS

Процентиль: 47%

0.0024

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2019-16926

CVSS3: 6.1

nvd

больше 6 лет назад

Flower 0.9.3 has XSS via a crafted worker name. NOTE: The project author stated that he doesn't think this is a valid vulnerability. Worker name and task name aren’t user facing configuration options. They are internal backend config options and person having rights to change them already has full access

EPSS

Процентиль: 47%

0.0024

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79