exploitDog

GHSA-wrvg-r9g6-49j5

Опубликовано: 16 дек. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.6

Описание

Cross Site Scripting (XSS) vulnerability in Things Board 3.4.1 allows remote attackers to escalate privilege via crafted URL to the Audit Log.

Cross Site Scripting (XSS) vulnerability in Things Board 3.4.1 allows remote attackers to escalate privilege via crafted URL to the Audit Log.

Ссылки

EPSS

Процентиль: 75%

0.00909

Низкий

9.6 Critical

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-40004

CVSS3: 9.6

nvd

около 3 лет назад

Cross Site Scripting (XSS) vulnerability in Things Board 3.4.1 allows remote attackers to escalate privilege via crafted URL to the Audit Log.

EPSS

Процентиль: 75%

0.00909

Низкий

9.6 Critical

CVSS3

CVE ID

Дефекты

CWE-79