CVE-2014-125034

Опубликовано: 02 янв. 2023

Источник: nvd

CVSS3: 3.5

CVSS3: 6.1

CVSS2: 4

EPSS Низкий

Описание

A vulnerability has been found in stiiv contact_app and classified as problematic. Affected by this vulnerability is the function render of the file libs/View.php. The manipulation of the argument var leads to cross site scripting. The attack can be launched remotely. The patch is named 67bec33f559da9d41a1b45eb9e992bd8683a7f8c. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217183.

Ссылки

https://github.com/stiiv/contact_app/commit/67bec33f559da9d41a1b45eb9e992bd8683a7f8c
Patch
Third Party Advisory
https://vuldb.com/?ctiid.217183
Third Party Advisory
https://vuldb.com/?id.217183
Third Party Advisory
https://github.com/stiiv/contact_app/commit/67bec33f559da9d41a1b45eb9e992bd8683a7f8c
Patch
Third Party Advisory
https://vuldb.com/?ctiid.217183
Third Party Advisory
https://vuldb.com/?id.217183
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:contact_app_project:contact_app:*:*:*:*:*:*:*:*

Версия до 2014-12-04 (исключая)

EPSS

Процентиль: 48%

0.0025

Низкий

3.5 Low

CVSS3

6.1 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-gpxg-5hhc-fxc2

CVSS3: 6.1

github

около 3 лет назад

A vulnerability has been found in stiiv contact_app and classified as problematic. Affected by this vulnerability is the function render of the file libs/View.php. The manipulation of the argument var leads to cross site scripting. The attack can be launched remotely. The name of the patch is 67bec33f559da9d41a1b45eb9e992bd8683a7f8c. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217183.

EPSS

Процентиль: 48%

0.0025

Низкий

3.5 Low

CVSS3

6.1 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-79