Описание
Cross-site scripting (XSS) vulnerability in PostNuke 0.71 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) name parameter in modules.php and (2) catid parameter in index.php.
Ссылки
- ExploitPatch
- Patch
- Patch
- ExploitPatch
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:postnuke_software_foundation:postnuke:0.7:*:*:*:*:*:*:*
cpe:2.3:a:postnuke_software_foundation:postnuke:0.62:*:*:*:*:*:*:*
cpe:2.3:a:postnuke_software_foundation:postnuke:0.63:*:*:*:*:*:*:*
cpe:2.3:a:postnuke_software_foundation:postnuke:0.64:*:*:*:*:*:*:*
cpe:2.3:a:postnuke_software_foundation:postnuke:0.70:*:*:*:*:*:*:*
cpe:2.3:a:postnuke_software_foundation:postnuke:0.71:*:*:*:*:*:*:*
cpe:2.3:a:postnuke_software_foundation:postnuke:0.703:*:*:*:*:*:*:*
EPSS
Процентиль: 65%
0.00504
Низкий
2.6 Low
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Cross-site scripting (XSS) vulnerability in PostNuke 0.71 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) name parameter in modules.php and (2) catid parameter in index.php.
EPSS
Процентиль: 65%
0.00504
Низкий
2.6 Low
CVSS2
Дефекты
NVD-CWE-Other