exploitDog

GHSA-x4fw-5929-5227

Опубликовано: 24 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 5.1

CVSS3: 7.2

Описание

Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a stored cross-site scripting vulnerability in the configuration file upload functionality. Attackers can upload a malicious HTML file to that executes arbitrary JavaScript in a user's browser session when viewed.

Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a stored cross-site scripting vulnerability in the configuration file upload functionality. Attackers can upload a malicious HTML file to that executes arbitrary JavaScript in a user's browser session when viewed.

Ссылки

EPSS

Процентиль: 11%

0.00037

Низкий

5.1 Medium

CVSS4

7.2 High

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2018-25131

CVSS3: 7.2

nvd

около 2 месяцев назад

Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a stored cross-site scripting vulnerability in the configuration file upload functionality. Attackers can upload a malicious HTML file to that executes arbitrary JavaScript in a user's browser session when viewed.

EPSS

Процентиль: 11%

0.00037

Низкий

5.1 Medium

CVSS4

7.2 High

CVSS3

CVE ID

Дефекты

CWE-79