Описание
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Shaarli allow remote attackers to inject arbitrary web script or HTML via the URL to the (1) showRSS, (2) showATOM, or (3) showDailyRSS function; a (4) file name to the importFile function; or (5) vectors related to bookmarks.
Ссылки
- ExploitMailing ListPatchThird Party Advisory
- ExploitMailing ListPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- PatchThird Party Advisory
- ExploitThird Party Advisory
- ExploitMailing ListPatchThird Party Advisory
- ExploitMailing ListPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- PatchThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
EPSS
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Shaarli allow remote attackers to inject arbitrary web script or HTML via the URL to the (1) showRSS, (2) showATOM, or (3) showDailyRSS function; a (4) file name to the importFile function; or (5) vectors related to bookmarks.
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Sh ...
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Shaarli allow remote attackers to inject arbitrary web script or HTML via the URL to the (1) showRSS, (2) showATOM, or (3) showDailyRSS function; a (4) file name to the importFile function; or (5) vectors related to bookmarks.
EPSS
6.1 Medium
CVSS3
4.3 Medium
CVSS2