exploitDog

GHSA-v2rc-5jqj-6rmg

Опубликовано: 18 апр. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

Cross-Site Scripting (XSS) vulnerability in NodeBB v4.0.4 and before allows remote attackers to store arbitrary code in the admin API Access token generator.

Cross-Site Scripting (XSS) vulnerability in NodeBB v4.0.4 and before allows remote attackers to store arbitrary code in the admin API Access token generator.

Ссылки

EPSS

Процентиль: 27%

0.00096

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2025-29513

CVSS3: 6.1

nvd

10 месяцев назад

Cross-Site Scripting (XSS) vulnerability in NodeBB v4.0.4 and before allows remote attackers to store arbitrary code in the admin API Access token generator.

EPSS

Процентиль: 27%

0.00096

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79