Описание
Cross-site scripting (XSS) vulnerability in the create list option in Sympa 4.1.x and earlier allows remote authenticated users to inject arbitrary web script or HTML via the description field.
Ссылки
- Vendor Advisory
- ExploitVendor Advisory
- Vendor Advisory
- ExploitVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sympa:sympa:4.0:*:*:*:*:*:*:*
cpe:2.3:a:sympa:sympa:4.1:*:*:*:*:*:*:*
cpe:2.3:a:sympa:sympa:4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:sympa:sympa:4.1.2:*:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.03931
Низкий
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
ubuntu
около 21 года назад
Cross-site scripting (XSS) vulnerability in the create list option in Sympa 4.1.x and earlier allows remote authenticated users to inject arbitrary web script or HTML via the description field.
debian
около 21 года назад
Cross-site scripting (XSS) vulnerability in the create list option in ...
github
больше 3 лет назад
Cross-site scripting (XSS) vulnerability in the create list option in Sympa 4.1.x and earlier allows remote authenticated users to inject arbitrary web script or HTML via the description field.
EPSS
Процентиль: 88%
0.03931
Низкий
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other