Описание
Cross-site scripting (XSS) vulnerability in msgError.asp for the administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to insert arbitrary script or HTML via the Reason parameter.
Ссылки
- ExploitVendor Advisory
- PatchVendor Advisory
- ExploitPatchVendor Advisory
- ExploitVendor Advisory
- PatchVendor Advisory
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:surfcontrol:superscout_email_filter:3.5:*:*:*:*:*:*:*
cpe:2.3:a:surfcontrol:superscout_email_filter:3.5.1:*:*:*:*:*:*:*
cpe:2.3:a:surfcontrol:superscout_email_filter:4.0:*:smtp:*:*:*:*:*
EPSS
Процентиль: 74%
0.00879
Низкий
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Cross-site scripting (XSS) vulnerability in msgError.asp for the administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to insert arbitrary script or HTML via the Reason parameter.
EPSS
Процентиль: 74%
0.00879
Низкий
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other