Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2018-1000526

Опубликовано: 26 июн. 2018
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

Openpsa contains a XML Injection vulnerability in RSS file upload feature that can result in Remote denial of service. This attack appear to be exploitable via Specially crafted XML file. This vulnerability appears to have been fixed in after commit 4974a26.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:openpsa2:openpsa:-:*:*:*:*:*:*:*

EPSS

Процентиль: 73%
0.00789
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-91

Связанные уязвимости

github логотип

GHSA-w53c-vmpf-rrj7

CVSS3: 7.5
github
больше 3 лет назад

Openpsa contains a XML Injection vulnerability in RSS file upload feature that can result in Remote denial of service. This attack appear to be exploitable via Specially crafted XML file. This vulnerability appears to have been fixed in after commit 4974a26.

EPSS

Процентиль: 73%
0.00789
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-91