Описание
Cross-site scripting (XSS) vulnerability in content_footer.php in toendaCMS 0.7.0 allows remote attackers to inject arbitrary web scripts or HTML via the print_url variable. NOTE: the provenance of this information is unknown; the details are obtained solely from third party sources.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.7 (включая)
Одно из
cpe:2.3:a:toenda_software_development:toendacms:*:*:*:*:*:*:*:*
cpe:2.3:a:toenda_software_development:toendacms:0.6:*:*:*:*:*:*:*
cpe:2.3:a:toenda_software_development:toendacms:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:toenda_software_development:toendacms:0.6.2.1:*:*:*:*:*:*:*
cpe:2.3:a:toenda_software_development:toendacms:0.6_beta_1:*:*:*:*:*:*:*
cpe:2.3:a:toenda_software_development:toendacms:0.6_beta_2:*:*:*:*:*:*:*
cpe:2.3:a:toenda_software_development:toendacms:0.6_beta_3:*:*:*:*:*:*:*
cpe:2.3:a:toenda_software_development:toendacms:0.6_pre-beta:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.01009
Низкий
6.8 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Cross-site scripting (XSS) vulnerability in content_footer.php in toendaCMS 0.7.0 allows remote attackers to inject arbitrary web scripts or HTML via the print_url variable. NOTE: the provenance of this information is unknown; the details are obtained solely from third party sources.
EPSS
Процентиль: 77%
0.01009
Низкий
6.8 Medium
CVSS2
Дефекты
NVD-CWE-Other