Описание
Cross-site scripting (XSS) vulnerability in BizDesign ImageFolio 3.01 and earlier allows remote attackers to execute arbitrary web script as other users via (1) the direct parameter in imageFolio.cgi, or (2) nph-build.cgi.
Ссылки
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:bizdesign:imagefolio:2.23:*:*:*:*:*:*:*
cpe:2.3:a:bizdesign:imagefolio:2.24:*:*:*:*:*:*:*
cpe:2.3:a:bizdesign:imagefolio:2.26:*:*:*:*:*:*:*
cpe:2.3:a:bizdesign:imagefolio:2.27:*:*:*:*:*:*:*
cpe:2.3:a:bizdesign:imagefolio:3.0.1:*:*:*:*:*:*:*
EPSS
Процентиль: 71%
0.00671
Низкий
6.8 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Cross-site scripting (XSS) vulnerability in BizDesign ImageFolio 3.01 and earlier allows remote attackers to execute arbitrary web script as other users via (1) the direct parameter in imageFolio.cgi, or (2) nph-build.cgi.
EPSS
Процентиль: 71%
0.00671
Низкий
6.8 Medium
CVSS2
Дефекты
NVD-CWE-Other