CVE-2015-10058

Опубликовано: 17 янв. 2023

Источник: nvd

CVSS3: 3.5

CVSS3: 6.1

CVSS2: 4

EPSS Низкий

Описание

A vulnerability, which was classified as problematic, was found in Wikisource Category Browser. This affects an unknown part of the file index.php. The manipulation of the argument lang leads to cross site scripting. It is possible to initiate the attack remotely. The patch is named 764f4e8ce3f9242637df77530c70ae8a2ec4b6a1. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218415.

Ссылки

https://github.com/wikisource/ws-cat-browser/commit/764f4e8ce3f9242637df77530c70ae8a2ec4b6a1
Patch
Third Party Advisory
https://vuldb.com/?ctiid.218415
Third Party Advisory
VDB Entry
https://vuldb.com/?id.218415
Permissions Required
Third Party Advisory
VDB Entry
https://github.com/wikisource/ws-cat-browser/commit/764f4e8ce3f9242637df77530c70ae8a2ec4b6a1
Patch
Third Party Advisory
https://vuldb.com/?ctiid.218415
Third Party Advisory
VDB Entry
https://vuldb.com/?id.218415
Permissions Required
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mediawiki:wikisource_category_browser:*:*:*:*:*:*:*:*

Версия до 2015-07-10 (исключая)

EPSS

Процентиль: 55%

0.00322

Низкий

3.5 Low

CVSS3

6.1 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-qwg7-567c-7x2f

CVSS3: 6.1

github

около 3 лет назад

A vulnerability, which was classified as problematic, was found in Wikisource Category Browser. This affects an unknown part of the file index.php. The manipulation of the argument lang leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is 764f4e8ce3f9242637df77530c70ae8a2ec4b6a1. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218415.

EPSS

Процентиль: 55%

0.00322

Низкий

3.5 Low

CVSS3

6.1 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-79