CVE-2015-4541

Опубликовано: 26 сент. 2015

Источник: nvd

CVSS2: 3.5

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer GRC 5.x before 5.5.3 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Ссылки

http://packetstormsecurity.com/files/133682/RSA-Archer-GRC-5.5.3-XSS-Improper-Authorization-Information-Disclosure.html
Third Party Advisory
VDB Entry
http://seclists.org/bugtraq/2015/Sep/105
Third Party Advisory
http://www.securitytracker.com/id/1033649
Third Party Advisory
VDB Entry
http://packetstormsecurity.com/files/133682/RSA-Archer-GRC-5.5.3-XSS-Improper-Authorization-Information-Disclosure.html
Third Party Advisory
VDB Entry
http://seclists.org/bugtraq/2015/Sep/105
Third Party Advisory
http://www.securitytracker.com/id/1033649
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:emc:rsa_archer_grc:5.5.0:*:*:*:*:*:*:*

cpe:2.3:a:emc:rsa_archer_grc:5.5.1:*:*:*:*:*:*:*

cpe:2.3:a:emc:rsa_archer_grc:5.5.2:*:*:*:*:*:*:*

EPSS

Процентиль: 56%

0.00336

Низкий

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-2h5g-87fc-mwp6

github

больше 3 лет назад