Описание
Multiple cross-site scripting (XSS) vulnerabilities in SemanticScuttle before 0.94.1 allow remote attackers to inject arbitrary web script or HTML via the sort parameter to index.php, and other unspecified vectors, a different issue than CVE-2008-6113. NOTE: some of these details are obtained from third party information.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.94 (включая)
Одно из
cpe:2.3:a:festic:semanticscuttle:*:*:*:*:*:*:*:*
cpe:2.3:a:festic:semanticscuttle:0.85:*:*:*:*:*:*:*
cpe:2.3:a:festic:semanticscuttle:0.86:*:*:*:*:*:*:*
cpe:2.3:a:festic:semanticscuttle:0.87:*:*:*:*:*:*:*
cpe:2.3:a:festic:semanticscuttle:0.88:*:*:*:*:*:*:*
cpe:2.3:a:festic:semanticscuttle:0.89:*:*:*:*:*:*:*
cpe:2.3:a:festic:semanticscuttle:0.90:*:*:*:*:*:*:*
cpe:2.3:a:festic:semanticscuttle:0.91:*:*:*:*:*:*:*
cpe:2.3:a:festic:semanticscuttle:0.92:*:*:*:*:*:*:*
cpe:2.3:a:festic:semanticscuttle:0.93:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.00263
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
почти 4 года назад
Multiple cross-site scripting (XSS) vulnerabilities in SemanticScuttle before 0.94.1 allow remote attackers to inject arbitrary web script or HTML via the sort parameter to index.php, and other unspecified vectors, a different issue than CVE-2008-6113. NOTE: some of these details are obtained from third party information.
EPSS
Процентиль: 49%
0.00263
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79