exploitDog

CVE-2014-1877

Опубликовано: 13 мар. 2014

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Phone, (2) Street, (3) Address line, (4) Zip code, or (5) City field to main/auth/profile.php; (6) Subject field to main/social/groups.php; or (7) Message body field to main/messages/view_message.php.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:dokeos_project:dokeos:2.1.1:*:*:*:*:*:*:*

EPSS

Процентиль: 51%

0.00275

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-m776-qxp8-pv62

github

больше 3 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Phone, (2) Street, (3) Address line, (4) Zip code, or (5) City field to main/auth/profile.php; (6) Subject field to main/social/groups.php; or (7) Message body field to main/messages/view_message.php.

EPSS

Процентиль: 51%

0.00275

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79