CVE-2015-0298

Опубликовано: 24 авг. 2015

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in the manager web interface in mod_cluster before 1.3.2.Alpha1 allows remote attackers to inject arbitrary web script or HTML via a crafted MCMP message.

Ссылки

http://rhn.redhat.com/errata/RHSA-2015-1641.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2015-1642.html
Vendor Advisory
https://issues.jboss.org/browse/MODCLUSTER-453
http://rhn.redhat.com/errata/RHSA-2015-1641.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2015-1642.html
Vendor Advisory
https://issues.jboss.org/browse/MODCLUSTER-453

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:redhat:mod_cluster:*:*:*:*:*:*:*:*

Версия до 1.3.1 (включая)

EPSS

Процентиль: 55%

0.00322

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

CVE-2015-0298

redhat

почти 11 лет назад

Cross-site scripting (XSS) vulnerability in the manager web interface in mod_cluster before 1.3.2.Alpha1 allows remote attackers to inject arbitrary web script or HTML via a crafted MCMP message.

CVE-2015-0298

debian

больше 10 лет назад

Cross-site scripting (XSS) vulnerability in the manager web interface ...

GHSA-hf4r-6f6g-9rgp

github

больше 3 лет назад

Cross-site scripting (XSS) vulnerability in the manager web interface in mod_cluster before 1.3.2.Alpha1 allows remote attackers to inject arbitrary web script or HTML via a crafted MCMP message.

EPSS

Процентиль: 55%

0.00322

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79