Описание
Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through 4.0g, when debug mode is enabled, allows remote attackers to execute Javascript on other clients via the cart_id parameter.
Ссылки
- URL Repurposed
- Vendor Advisory
- Vendor Advisory
- ExploitPatchVendor Advisory
- URL Repurposed
- Vendor Advisory
- Vendor Advisory
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:steve_kneizys:agora.cgi:3.2:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:3.2a:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:3.2b:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:3.2c:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:3.2d:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:3.2e:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:3.2f:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:3.2g:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:3.2h:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:3.2i:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:3.2j:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:3.2ja:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:3.2k:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:3.2l:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:3.2m:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:3.2n:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:3.2p:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:3.2q:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:3.2r:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:3.3a:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:3.3b:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:3.3c:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:3.3d:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:3.3e:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:3.3f:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:3.3i:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:3.3j:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:4.0:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:4.0a:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:4.0b:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:4.0c:*:*:*:*:*:*:*
cpe:2.3:a:steve_kneizys:agora.cgi:4.0d:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04669
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through 4.0g, when debug mode is enabled, allows remote attackers to execute Javascript on other clients via the cart_id parameter.
EPSS
Процентиль: 89%
0.04669
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other