exploitDog

GHSA-xw95-hgq7-7c3x

Опубликовано: 09 авг. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

A reflected cross-site scripting (XSS) vulnerability in the component /ui/diagnostics/log/core/ of OPNsense before 23.7 allows attackers to inject arbitrary JavaScript via the URL path.

A reflected cross-site scripting (XSS) vulnerability in the component /ui/diagnostics/log/core/ of OPNsense before 23.7 allows attackers to inject arbitrary JavaScript via the URL path.

Ссылки

EPSS

Процентиль: 44%

0.0021

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2023-39000

CVSS3: 6.1

nvd

около 2 лет назад

A reflected cross-site scripting (XSS) vulnerability in the component /ui/diagnostics/log/core/ of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to inject arbitrary JavaScript via the URL path.

EPSS

Процентиль: 44%

0.0021

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79