Описание
Artica Web Proxy before 3.06.112911 allows remote attackers to execute arbitrary code as root by conducting a cross-site scripting (XSS) attack involving the username-form-id parameter to freeradius.users.php.
Ссылки
- ExploitVendor Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitVendor Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 3.06.112911 (исключая)
cpe:2.3:a:articatech:artica_proxy:*:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04573
Низкий
9 Critical
CVSS3
8.5 High
CVSS2
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 9
github
больше 3 лет назад
Artica Web Proxy before 3.06.112911 allows remote attackers to execute arbitrary code as root by conducting a cross-site scripting (XSS) attack involving the username-form-id parameter to freeradius.users.php.
EPSS
Процентиль: 89%
0.04573
Низкий
9 Critical
CVSS3
8.5 High
CVSS2
Дефекты
CWE-78