Описание
FreeScripts VisitorBook LE (visitorbook.pl) logs the reverse DNS name of a visiting host, which allows remote attackers to spoof the origin of their incoming requests and facilitate cross-site scripting (XSS) attacks.
Ссылки
- Mailing List
- Broken LinkPatchVendor Advisory
- Mailing List
- Broken LinkPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:freescripts:visitorbook_le:-:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.00254
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-346
Связанные уязвимости
CVSS3: 6.1
github
больше 3 лет назад
FreeScripts VisitorBook LE (visitorbook.pl) logs the reverse DNS name of a visiting host, which allows remote attackers to spoof the origin of their incoming requests and facilitate cross-site scripting (XSS) attacks.
EPSS
Процентиль: 49%
0.00254
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-346