Описание
Multiple cross-site scripting (XSS) vulnerabilities in LiveWorld products, possibly including (1) LiveForum, (2) LiveQ&A, (3) LiveChat, and (4) LiveFocusGroup, allow remote attackers to inject arbitrary web script or HTML via the q parameter in (a) search.jsp, (b) findclub!execute.jspa, and (c) search!execute.jspa.
Ссылки
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:liveworld:livechat:*:*:*:*:*:*:*:*
cpe:2.3:a:liveworld:livefocusgroup:*:*:*:*:*:*:*:*
cpe:2.3:a:liveworld:liveforum:*:*:*:*:*:*:*:*
cpe:2.3:a:liveworld:liveq_and_a:*:*:*:*:*:*:*:*
EPSS
Процентиль: 69%
0.00614
Низкий
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Multiple cross-site scripting (XSS) vulnerabilities in LiveWorld products, possibly including (1) LiveForum, (2) LiveQ&A, (3) LiveChat, and (4) LiveFocusGroup, allow remote attackers to inject arbitrary web script or HTML via the q parameter in (a) search.jsp, (b) findclub!execute.jspa, and (c) search!execute.jspa.
EPSS
Процентиль: 69%
0.00614
Низкий
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other