Описание
Maxthon 1.2.0 and 1.2.1 allows remote attackers to bypass the security ID and use restricted plugin API functions via script that includes the max.src file into the source page.
Ссылки
- PatchVendor Advisory
- ExploitPatchVendor Advisory
- Exploit
- PatchVendor Advisory
- ExploitPatchVendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:maxthon:maxthon:1.2:*:*:*:*:*:*:*
cpe:2.3:a:maxthon:maxthon:1.2.1:*:*:*:*:*:*:*
EPSS
Процентиль: 62%
0.00428
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Maxthon 1.2.0 and 1.2.1 allows remote attackers to bypass the security ID and use restricted plugin API functions via script that includes the max.src file into the source page.
EPSS
Процентиль: 62%
0.00428
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other