exploitDog

CVE-2012-1500

Опубликовано: 13 фев. 2020

Источник: nvd

CVSS3: 5.4

CVSS2: 3.5

EPSS Низкий

Описание

Stored XSS vulnerability in UpdateFieldJson.jspa in JIRA 4.4.3 and GreenHopper before 5.9.8 allows an attacker to inject arbitrary script code.

Ссылки

https://web.archive.org/web/20121014055829/http://www.cloudscan.me/2012/09/cve-2012-1500-ghs-5375-ghs-5642.html
Exploit
Third Party Advisory
https://www.exploit-db.com/exploits/21052
Exploit
Third Party Advisory
VDB Entry
https://web.archive.org/web/20121014055829/http://www.cloudscan.me/2012/09/cve-2012-1500-ghs-5375-ghs-5642.html
Exploit
Third Party Advisory
https://www.exploit-db.com/exploits/21052
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:atlassian:greenhopper:*:*:*:*:*:*:*:*

Версия до 5.9.8 (исключая)

cpe:2.3:a:atlassian:jira:4.4.3:*:*:*:*:*:*:*

EPSS

Процентиль: 41%

0.00188

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-7qc8-6vj6-vfrq

github

около 3 лет назад

Stored XSS vulnerability in UpdateFieldJson.jspa in JIRA 4.4.3 and GreenHopper before 5.9.8 allows an attacker to inject arbitrary script code.

EPSS

Процентиль: 41%

0.00188

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79