CVE-2019-19612

Опубликовано: 16 мар. 2020

Источник: nvd

CVSS3: 5.4

CVSS2: 3.5

EPSS Низкий

Описание

An issue was discovered in Halvotec RaQuest 10.23.10801.0. Several features of the application allow stored Cross-site Scripting (XSS). Fixed in Release 24.2020.20608.0.

Ссылки

https://excellium-services.com/cert-xlm-advisory/
Third Party Advisory
https://excellium-services.com/cert-xlm-advisory/cve-2019-19612/
Product
Third Party Advisory
https://halvotec.de/produkte/raquest/
Vendor Advisory
https://excellium-services.com/cert-xlm-advisory/
Third Party Advisory
https://excellium-services.com/cert-xlm-advisory/cve-2019-19612/
Product
Third Party Advisory
https://halvotec.de/produkte/raquest/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:halvotec:raquest:10.23.10801.0:*:*:*:*:*:*:*

EPSS

Процентиль: 66%

0.00504

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-7hc8-qwf2-9wvv

github

больше 3 лет назад

** DISPUTED ** An issue was discovered in Halvotec RaQuest 10.23.10801.0. Several features of the application allow stored Cross-site Scripting (XSS). NOTE: the vendor does not recognize this issue and will not patch it.