exploitDog

CVE-2011-5150

Опубликовано: 31 авг. 2012

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in SpamTitan 5.07 and possibly earlier allow remote attackers or authenticated users to inject arbitrary web script or HTML via the (1) ipaddress or (2) domain parameter to setup-network.php, different vectors than CVE-2011-5149. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Ссылки

http://secunia.com/advisories/47309
Vendor Advisory
http://www.osvdb.org/77989
http://secunia.com/advisories/47309
Vendor Advisory
http://www.osvdb.org/77989

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:spamtitan:spamtitan:*:*:*:*:*:*:*:*

Версия до 5.07 (включая)

EPSS

Процентиль: 79%

0.01305

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-rpg6-68hp-8vpv

github

больше 3 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in SpamTitan 5.07 and possibly earlier allow remote attackers or authenticated users to inject arbitrary web script or HTML via the (1) ipaddress or (2) domain parameter to setup-network.php, different vectors than CVE-2011-5149. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

EPSS

Процентиль: 79%

0.01305

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79