Описание
ubiquity-slideshow-ubuntu before 58.2, during installation, allows remote man-in-the-middle attackers to execute arbitrary web script or HTML and read arbitrary files via a crafted attribute in the tag of a Twitter feed.
Уязвимые конфигурации
Конфигурация 1Версия до 58.1 (включая)
Одно из
cpe:2.3:a:ubiquity_slideshow_team:ubiquity-slideshow-ubuntu:*:*:*:*:*:*:*:*
cpe:2.3:a:ubiquity_slideshow_team:ubiquity-slideshow-ubuntu:49:*:*:*:*:*:*:*
cpe:2.3:a:ubiquity_slideshow_team:ubiquity-slideshow-ubuntu:52:*:*:*:*:*:*:*
cpe:2.3:a:ubiquity_slideshow_team:ubiquity-slideshow-ubuntu:53:*:*:*:*:*:*:*
cpe:2.3:a:ubiquity_slideshow_team:ubiquity-slideshow-ubuntu:54:*:*:*:*:*:*:*
cpe:2.3:a:ubiquity_slideshow_team:ubiquity-slideshow-ubuntu:55:*:*:*:*:*:*:*
cpe:2.3:a:ubiquity_slideshow_team:ubiquity-slideshow-ubuntu:56:*:*:*:*:*:*:*
cpe:2.3:a:ubiquity_slideshow_team:ubiquity-slideshow-ubuntu:57:*:*:*:*:*:*:*
cpe:2.3:a:ubiquity_slideshow_team:ubiquity-slideshow-ubuntu:58:*:*:*:*:*:*:*
EPSS
Процентиль: 57%
0.0035
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
ubuntu
больше 13 лет назад
ubiquity-slideshow-ubuntu before 58.2, during installation, allows remote man-in-the-middle attackers to execute arbitrary web script or HTML and read arbitrary files via a crafted attribute in the <a> tag of a Twitter feed.
github
больше 3 лет назад
ubiquity-slideshow-ubuntu before 58.2, during installation, allows remote man-in-the-middle attackers to execute arbitrary web script or HTML and read arbitrary files via a crafted attribute in the <a> tag of a Twitter feed.
EPSS
Процентиль: 57%
0.0035
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-264