CVE-2009-4823

Опубликовано: 27 апр. 2010

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in frontend/x3/files/fileop.html in cPanel 11.0 through 11.24.7 allows remote attackers to inject arbitrary web script or HTML via the fileop parameter.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cpanel:cpanel:11.0:*:*:*:*:*:*:*

cpe:2.3:a:cpanel:cpanel:11.4.19:*:*:*:*:*:*:*

cpe:2.3:a:cpanel:cpanel:11.16:*:*:*:*:*:*:*

cpe:2.3:a:cpanel:cpanel:11.18:*:*:*:*:*:*:*

cpe:2.3:a:cpanel:cpanel:11.18.1:*:*:*:*:*:*:*

cpe:2.3:a:cpanel:cpanel:11.18.2:*:*:*:*:*:*:*

cpe:2.3:a:cpanel:cpanel:11.18.3:*:*:*:*:*:*:*

cpe:2.3:a:cpanel:cpanel:11.18.4:*:*:*:*:*:*:*

cpe:2.3:a:cpanel:cpanel:11.19.3:*:*:*:*:*:*:*

cpe:2.3:a:cpanel:cpanel:11.21:*:*:*:*:*:*:*

cpe:2.3:a:cpanel:cpanel:11.21:beta:*:*:*:*:*:*

cpe:2.3:a:cpanel:cpanel:11.22:*:*:*:*:*:*:*

cpe:2.3:a:cpanel:cpanel:11.22.1:*:*:*:*:*:*:*

cpe:2.3:a:cpanel:cpanel:11.22.2:*:*:*:*:*:*:*

cpe:2.3:a:cpanel:cpanel:11.22.3:*:*:*:*:*:*:*

cpe:2.3:a:cpanel:cpanel:11.24:*:*:*:*:*:*:*

cpe:2.3:a:cpanel:cpanel:11.24.7:*:*:*:*:*:*:*

EPSS

Процентиль: 80%

0.01372

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-g9m4-mjxc-rw4q

github

почти 4 года назад