exploitDog

GHSA-xc45-x545-2224

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

Multiple cross-site scripting (XSS) vulnerabilities in the Redhen module 7.x-1.x before 7.x-1.11 for Drupal allow remote authenticated users with certain access to inject arbitrary web script or HTML via unspecified vectors, related to (1) individual contacts, (2) notes, or (3) engagement scores.

Multiple cross-site scripting (XSS) vulnerabilities in the Redhen module 7.x-1.x before 7.x-1.11 for Drupal allow remote authenticated users with certain access to inject arbitrary web script or HTML via unspecified vectors, related to (1) individual contacts, (2) notes, or (3) engagement scores.

Ссылки

EPSS

Процентиль: 41%

0.00187

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2016-1913

CVSS3: 5.4

nvd

около 10 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the Redhen module 7.x-1.x before 7.x-1.11 for Drupal allow remote authenticated users with certain access to inject arbitrary web script or HTML via unspecified vectors, related to (1) individual contacts, (2) notes, or (3) engagement scores.

EPSS

Процентиль: 41%

0.00187

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79