exploitDog

CVE-2012-3842

Опубликовано: 03 июл. 2012

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via the (1) select0 or (2) select8 parameters.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2012-04/0214.html
Broken Link
http://www.securityfocus.com/bid/53281
Exploit
http://www.vulnerability-lab.com/get_content.php?id=509
Exploit
Third Party Advisory
http://archives.neohapsis.com/archives/bugtraq/2012-04/0214.html
Broken Link
http://www.securityfocus.com/bid/53281
Exploit
http://www.vulnerability-lab.com/get_content.php?id=509
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:directadmin:directadmin:1.403:*:*:*:*:*:*:*

EPSS

Процентиль: 47%

0.0024

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-43g2-2w55-rgfp

github

больше 3 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via the (1) select0 or (2) select8 parameters.

EPSS

Процентиль: 47%

0.0024

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79