exploitDog

CVE-2008-2637

Опубликовано: 10 июн. 2008

Источник: nvd

CVSS2: 4.3

EPSS Средний

Описание

Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass SSL VPN 6.0.2 hotfix 3, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via quotes in (1) the css_exceptions parameter in vdesk/admincon/webyfiers.php and (2) the sql_matchscope parameter in vdesk/admincon/index.php.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:f5:firepass_ssl_vpn:6.0.2:hotfix_3:*:*:*:*:*:*

EPSS

Процентиль: 94%

0.13105

Средний

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-fc3v-jjjq-68v3

github

почти 4 года назад

Multiple cross-site scripting (XSS) vulnerabilities in F5 FirePass SSL VPN 6.0.2 hotfix 3, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via quotes in (1) the css_exceptions parameter in vdesk/admincon/webyfiers.php and (2) the sql_matchscope parameter in vdesk/admincon/index.php.

EPSS

Процентиль: 94%

0.13105

Средний

4.3 Medium

CVSS2

Дефекты

CWE-79