Описание
Indeo Otter through 1.7.4 mishandles a "" substring in an initial DP payload, which allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact, as demonstrated by the Plan Editor.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.7.4 (включая)
cpe:2.3:a:inedo:otter:*:*:*:*:*:*:*:*
EPSS
Процентиль: 71%
0.00689
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
Indeo Otter through 1.7.4 mishandles a "</script>" substring in an initial DP payload, which allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact, as demonstrated by the Plan Editor.
EPSS
Процентиль: 71%
0.00689
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-20