Описание
Multiple cross-site scripting (XSS) vulnerabilities in Askbot before 0.7.49 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) tag or (2) user search forms.
Ссылки
- Vendor Advisory
- ExploitPatch
- ExploitPatch
- Vendor Advisory
- ExploitPatch
- ExploitPatch
Уязвимые конфигурации
Конфигурация 1Версия до 0.7.48 (включая)
Одно из
cpe:2.3:a:askbot:askbot:*:*:*:*:*:*:*:*
cpe:2.3:a:askbot:askbot:0.7.40:*:*:*:*:*:*:*
cpe:2.3:a:askbot:askbot:0.7.41:*:*:*:*:*:*:*
cpe:2.3:a:askbot:askbot:0.7.42:*:*:*:*:*:*:*
cpe:2.3:a:askbot:askbot:0.7.43:*:*:*:*:*:*:*
cpe:2.3:a:askbot:askbot:0.7.44:*:*:*:*:*:*:*
cpe:2.3:a:askbot:askbot:0.7.45:*:*:*:*:*:*:*
cpe:2.3:a:askbot:askbot:0.7.46:*:*:*:*:*:*:*
cpe:2.3:a:askbot:askbot:0.7.47:*:*:*:*:*:*:*
EPSS
Процентиль: 61%
0.00421
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
debian
почти 12 лет назад
Multiple cross-site scripting (XSS) vulnerabilities in Askbot before 0 ...
github
больше 3 лет назад
Multiple cross-site scripting (XSS) vulnerabilities in Askbot before 0.7.49 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) tag or (2) user search forms.
EPSS
Процентиль: 61%
0.00421
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79