Описание
Unspecified vulnerability in OSADS Alliance Database before 1.4 has unknown impact and attack vectors related to a "Security Leak to lock in HTML-Code," possibly due to a cross-site scripting (XSS) vulnerability involving comments.
Ссылки
- PatchVendor Advisory
- Patch
- Patch
- PatchVendor Advisory
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:osads_alliance_database:osads_alliance_database:1.1:*:*:*:*:*:*:*
cpe:2.3:a:osads_alliance_database:osads_alliance_database:1.2:*:*:*:*:*:*:*
cpe:2.3:a:osads_alliance_database:osads_alliance_database:1.3:*:*:*:*:*:*:*
EPSS
Процентиль: 67%
0.0054
Низкий
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Unspecified vulnerability in OSADS Alliance Database before 1.4 has unknown impact and attack vectors related to a "Security Leak to lock in HTML-Code," possibly due to a cross-site scripting (XSS) vulnerability involving comments.
EPSS
Процентиль: 67%
0.0054
Низкий
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other