exploitDog

CVE-2016-2139

Опубликовано: 28 июл. 2022

Источник: nvd

CVSS3: 6.4

EPSS Низкий

Описание

In kippo-graph before version 1.5.1, there is a cross-site scripting vulnerability in $file_link in class/KippoInput.class.php.

Ссылки

https://github.com/ikoniaris/kippo-graph/commit/e6587ec598902763110b70c8bd0a72f7951b4997
Patch
Third Party Advisory
https://github.com/ikoniaris/kippo-graph/issues/35
Exploit
Issue Tracking
Third Party Advisory
https://github.com/ikoniaris/kippo-graph/commit/e6587ec598902763110b70c8bd0a72f7951b4997
Patch
Third Party Advisory
https://github.com/ikoniaris/kippo-graph/issues/35
Exploit
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:kippo-graph_project:kippo-graph:*:*:*:*:*:*:*:*

Версия до 1.5.1 (исключая)

EPSS

Процентиль: 42%

0.00198

Низкий

6.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-c4h9-r99w-3vw3

CVSS3: 6.4

github

больше 3 лет назад

In kippo-graph before version 1.5.1, there is a cross-site scripting vulnerability in $file_link in class/KippoInput.class.php.

EPSS

Процентиль: 42%

0.00198

Низкий

6.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79