Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-vfm6-8fh8-vqqp

Опубликовано: 01 мая 2022
Источник: github
Github: Не прошло ревью

Описание

Cross-site scripting (XSS) vulnerability in Clever Copy 2.0, 2.0a, and 3.0 allows remote attackers to inject arbitrary web script or HTML via the (1) Referer or (2) X-Forwarded-For headers in an HTTP request, which are not properly handled when the administrator accesses Site Stats.

Cross-site scripting (XSS) vulnerability in Clever Copy 2.0, 2.0a, and 3.0 allows remote attackers to inject arbitrary web script or HTML via the (1) Referer or (2) X-Forwarded-For headers in an HTTP request, which are not properly handled when the administrator accesses Site Stats.

Ссылки

EPSS

Процентиль: 70%
0.00622
Низкий

CVE ID

CVE-2006-0627

Связанные уязвимости

nvd логотип

CVE-2006-0627

nvd
почти 20 лет назад

Cross-site scripting (XSS) vulnerability in Clever Copy 2.0, 2.0a, and 3.0 allows remote attackers to inject arbitrary web script or HTML via the (1) Referer or (2) X-Forwarded-For headers in an HTTP request, which are not properly handled when the administrator accesses Site Stats.

EPSS

Процентиль: 70%
0.00622
Низкий

CVE ID

CVE-2006-0627