Описание
Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the getsvgsize function resulting in denial of service and possibly remote code execution
Ссылки
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:pepperminty-wiki_project:pepperminty-wiki:0.15:-:*:*:*:*:*:*
EPSS
Процентиль: 81%
0.01553
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-611
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the getsvgsize function resulting in denial of service and possibly remote code execution
EPSS
Процентиль: 81%
0.01553
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-611