Описание
Cross-site scripting (XSS) vulnerability in index.php in Enterprise Groupware System (EGS) 1.2.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the module parameter.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.2.4 (включая)
Одно из
cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:*:*:*:*:*:*:*:*
cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.0:*:*:*:*:*:*:*
cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.0_rc1:*:*:*:*:*:*:*
cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.0_rc2:*:*:*:*:*:*:*
cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.0_rc3:*:*:*:*:*:*:*
cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.0_rc4:*:*:*:*:*:*:*
cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.0_rc5:*:*:*:*:*:*:*
cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.1:*:*:*:*:*:*:*
cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.01:*:*:*:*:*:*:*
cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.2:*:*:*:*:*:*:*
cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:senokian_solutions:enterprise_groupware_systems:1.2.3:*:*:*:*:*:*:*
EPSS
Процентиль: 67%
0.00527
Низкий
2.6 Low
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Cross-site scripting (XSS) vulnerability in index.php in Enterprise Groupware System (EGS) 1.2.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the module parameter.
EPSS
Процентиль: 67%
0.00527
Низкий
2.6 Low
CVSS2
Дефекты
NVD-CWE-Other