Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2018-1000998

Опубликовано: 04 фев. 2019
Источник: nvd
CVSS3: 6.1
CVSS2: 4.3
EPSS Низкий

Описание

FreeBSD CVSweb version 2.x contains a Cross Site Scripting (XSS) vulnerability in all pages that can result in limited impact--CVSweb is anonymous & read-only. It might impact other sites on same domain. This attack appears to be exploitable via victim must load specially crafted url. This vulnerability appears to have been fixed in 3.x.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:freebsd:cvsweb:*:*:*:*:*:*:*:*
Версия от 2.0.4 (включая) до 2.0.6 (включая)

EPSS

Процентиль: 49%
0.00262
Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

ubuntu логотип

CVE-2018-1000998

CVSS3: 6.1
ubuntu
около 7 лет назад

FreeBSD CVSweb version 2.x contains a Cross Site Scripting (XSS) vulnerability in all pages that can result in limited impact--CVSweb is anonymous & read-only. It might impact other sites on same domain. This attack appears to be exploitable via victim must load specially crafted url. This vulnerability appears to have been fixed in 3.x.

debian логотип

CVE-2018-1000998

CVSS3: 6.1
debian
около 7 лет назад

FreeBSD CVSweb version 2.x contains a Cross Site Scripting (XSS) vulne ...

github логотип

GHSA-mxq7-h42w-wh9g

CVSS3: 6.1
github
больше 3 лет назад

FreeBSD CVSweb version 2.x contains a Cross Site Scripting (XSS) vulnerability in all pages that can result in limited impact--CVSweb is anonymous & read-only. It might impact other sites on same domain. This attack appears to be exploitable via victim must load specially crafted url. This vulnerability appears to have been fixed in 3.x.

EPSS

Процентиль: 49%
0.00262
Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79