Описание
Multiple cross-site scripting (XSS) vulnerabilities in ThWboard Beta 2.8 and 2.81 allow remote attackers to inject arbitrary web script or HTML via (1) time in board.php, (2) the profile Homepage-Feld, (3) pictures, and (4) other "Diverse XSS Bugs."
Ссылки
- PatchVendor Advisory
- Vendor Advisory
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
- Patch
- PatchVendor Advisory
- Vendor Advisory
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:thwboard:thwboard:2.8_beta:*:*:*:*:*:*:*
cpe:2.3:a:thwboard:thwboard:2.81_beta:*:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.03992
Низкий
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Multiple cross-site scripting (XSS) vulnerabilities in ThWboard Beta 2.8 and 2.81 allow remote attackers to inject arbitrary web script or HTML via (1) time in board.php, (2) the profile Homepage-Feld, (3) pictures, and (4) other "Diverse XSS Bugs."
EPSS
Процентиль: 88%
0.03992
Низкий
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other