Описание
SnowHaze before 2.6.6 is sometimes too late to honor a per-site JavaScript blocking setting, which leads to unintended JavaScript execution via a chain of webpage redirections targeted to the user's browser configuration.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.6.6 (исключая)
cpe:2.3:a:snowhaze:snowhaze:*:*:*:*:*:iphone_os:*:*
EPSS
Процентиль: 55%
0.00323
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-863
Связанные уязвимости
github
больше 3 лет назад
SnowHaze before 2.6.6 is sometimes too late to honor a per-site JavaScript blocking setting, which leads to unintended JavaScript execution via a chain of webpage redirections targeted to the user's browser configuration.
EPSS
Процентиль: 55%
0.00323
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-863