Описание
Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.5 allows remote attackers to inject arbitrary web script or HTML via 404 error pages, a different vulnerability than CVE-2005-3425.
Ссылки
- Patch
- PatchVendor Advisory
- PatchVendor Advisory
- Patch
- Patch
- PatchVendor Advisory
- PatchVendor Advisory
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:gnu:gnump3d:2.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnump3d:2.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnump3d:2.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnump3d:2.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnump3d:2.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnump3d:2.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnump3d:2.5b:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnump3d:2.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnump3d:2.7:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnump3d:2.8:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnump3d:2.9:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnump3d:2.9.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnump3d:2.9.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnump3d:2.9.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnump3d:2.9.4:*:*:*:*:*:*:*
EPSS
Процентиль: 69%
0.00605
Низкий
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
ubuntu
около 20 лет назад
Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.5 allows remote attackers to inject arbitrary web script or HTML via 404 error pages, a different vulnerability than CVE-2005-3425.
debian
около 20 лет назад
Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.5 allow ...
github
больше 3 лет назад
Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.5 allows remote attackers to inject arbitrary web script or HTML via 404 error pages, a different vulnerability than CVE-2005-3425.
EPSS
Процентиль: 69%
0.00605
Низкий
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other