exploitDog

CVE-2019-17629

Опубликовано: 16 окт. 2019

Источник: nvd

CVSS3: 4.8

CVSS2: 3.5

EPSS Низкий

Описание

CMS Made Simple (CMSMS) 2.2.11 allows stored XSS by an admin via a crafted image filename on the "file manager > upload images" screen.

Ссылки

http://dev.cmsmadesimple.org/bug/view/12146
Exploit
Vendor Advisory
https://forum.cmsmadesimple.org/viewforum.php?f=1
Vendor Advisory
http://dev.cmsmadesimple.org/bug/view/12146
Exploit
Vendor Advisory
https://forum.cmsmadesimple.org/viewforum.php?f=1
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cmsmadesimple:cms_made_simple:2.2.11:*:*:*:*:*:*:*

EPSS

Процентиль: 58%

0.00359

Низкий

4.8 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-43gp-53vg-4cr3

github

больше 3 лет назад

CMS Made Simple (CMSMS) 2.2.11 allows stored XSS by an admin via a crafted image filename on the "file manager > upload images" screen.

EPSS

Процентиль: 58%

0.00359

Низкий

4.8 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79