Описание
Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) before LDU 700 allows remote attackers to inject arbitrary web script or HTML via a BBcode img tag in (1) functions.php, (2) header.php or (3) auth.inc.php.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 700.03 (включая)
Одно из
cpe:2.3:a:neocrome:land_down_under:*:*:*:*:*:*:*:*
cpe:2.3:a:neocrome:land_down_under:601:*:*:*:*:*:*:*
cpe:2.3:a:neocrome:land_down_under:602:*:*:*:*:*:*:*
cpe:2.3:a:neocrome:land_down_under:700.01:*:*:*:*:*:*:*
cpe:2.3:a:neocrome:land_down_under:700.02:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.11044
Средний
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) before LDU 700 allows remote attackers to inject arbitrary web script or HTML via a BBcode img tag in (1) functions.php, (2) header.php or (3) auth.inc.php.
EPSS
Процентиль: 93%
0.11044
Средний
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other