CVE-2015-5282

Опубликовано: 25 сент. 2017

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in Foreman 1.7.0 and after.

Ссылки

http://projects.theforeman.org/issues/11859
Issue Tracking
Patch
Third Party Advisory
http://www.openwall.com/lists/oss-security/2015/09/21/3
Mailing List
Patch
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1264221
Issue Tracking
Patch
Third Party Advisory
https://github.com/theforeman/foreman/commit/4f3555b217be8723e8045f9816d147b5f684ec57
Issue Tracking
Patch
Third Party Advisory
https://theforeman.org/security.html#2015-5282
Patch
Vendor Advisory
http://projects.theforeman.org/issues/11859
Issue Tracking
Patch
Third Party Advisory
http://www.openwall.com/lists/oss-security/2015/09/21/3
Mailing List
Patch
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1264221
Issue Tracking
Patch
Third Party Advisory
https://github.com/theforeman/foreman/commit/4f3555b217be8723e8045f9816d147b5f684ec57
Issue Tracking
Patch
Third Party Advisory
https://theforeman.org/security.html#2015-5282
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:theforeman:foreman:1.7.0:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.7.1:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.7.2:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.7.3:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.7.4:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.7.5:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.8.0:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.8.1:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.8.2:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.8.3:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.8.4:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.9.0:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.9.1:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.9.2:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.9.3:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.10.0:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.10.1:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.10.2:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.10.3:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.10.4:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.11.0:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.11.1:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.11.2:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.11.3:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.11.4:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.12.0:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.12.1:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.12.2:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.12.3:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.12.4:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.13.0:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.13.1:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.13.2:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.13.3:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.13.4:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.14.0:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.14.1:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.14.2:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.14.3:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.15.0:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.15.1:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.15.2:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.15.3:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.15.4:*:*:*:*:*:*:*

cpe:2.3:a:theforeman:foreman:1.16.0:*:*:*:*:*:*:*

EPSS

Процентиль: 62%

0.00433

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

CVE-2015-5282

redhat

больше 10 лет назад

Cross-site scripting (XSS) vulnerability in Foreman 1.7.0 and after.

CVE-2015-5282

CVSS3: 6.1

debian

больше 8 лет назад

Cross-site scripting (XSS) vulnerability in Foreman 1.7.0 and after.

GHSA-75rp-c7cc-g6jh

CVSS3: 6.1

github

больше 3 лет назад

Cross-site scripting (XSS) vulnerability in Foreman 1.7.0 and after.

EPSS

Процентиль: 62%

0.00433

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79