exploitDog

CVE-2019-15227

Опубликовано: 20 авг. 2019

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

FlightPath 4.8.3 has XSS in the Content, Edit urgent message, and Users sections of the Admin Console. This could lead to cookie stealing and other malicious actions.

Ссылки

https://www.sevenlayers.com/index.php/236-flightpath-4-8-3-xss
Exploit
Third Party Advisory
https://www.sevenlayers.com/index.php/236-flightpath-4-8-3-xss
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:getflightpath:flightpath:4.8.3:*:*:*:*:*:*:*

EPSS

Процентиль: 47%

0.0024

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-qw2j-9vc5-rrxc

CVSS3: 6.1

github

больше 3 лет назад

FlightPath 4.8.3 has XSS in the Content, Edit urgent message, and Users sections of the Admin Console. This could lead to cookie stealing and other malicious actions.

EPSS

Процентиль: 47%

0.0024

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79