exploitDog

CVE-2012-1932

Опубликовано: 19 фев. 2020

Источник: nvd

CVSS3: 4.8

CVSS2: 3.5

EPSS Низкий

Описание

A cross-site scripting (XSS) vulnerability in Wolf CMS 0.75 and earlier allows remote attackers to inject arbitrary web script or HTML via the setting[admin_email] parameter to admin/setting.

Ссылки

https://packetstormsecurity.com/files/111185/Wolf-CMS-0.75-Persistent-Cross-Site-Scripting.html
Exploit
Third Party Advisory
VDB Entry
https://packetstormsecurity.com/files/111185/Wolf-CMS-0.75-Persistent-Cross-Site-Scripting.html
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:wolfcms:wolf_cms:*:*:*:*:*:*:*:*

Версия до 0.7.5 (включая)

EPSS

Процентиль: 36%

0.00151

Низкий

4.8 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-h425-cg84-p722

github

почти 4 года назад

A cross-site scripting (XSS) vulnerability in Wolf CMS 0.75 and earlier allows remote attackers to inject arbitrary web script or HTML via the setting[admin_email] parameter to admin/setting.

EPSS

Процентиль: 36%

0.00151

Низкий

4.8 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79