exploitDog

CVE-2019-19678

Опубликовано: 09 дек. 2019

Источник: nvd

CVSS3: 5.4

CVSS2: 3.5

EPSS Низкий

Описание

In "Xray Test Management for Jira" prior to version 3.5.5, remote authenticated attackers can cause XSS in the generic field entry point via the Generic Test Definition field of a new Generic Test issue.

Ссылки

https://jira.xpand-it.com/browse/XRAY-4692
Exploit
Vendor Advisory
https://jira.xpand-it.com/browse/XRAY-4692
Exploit
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:xpand-it:xray_test_mangaement:*:*:*:*:*:jira:*:*

Версия до 3.5.5 (исключая)

EPSS

Процентиль: 48%

0.00246

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-4wmp-vxgh-6898

github

больше 3 лет назад

In "Xray Test Management for Jira" prior to version 3.5.5, remote authenticated attackers can cause XSS in the generic field entry point via the Generic Test Definition field of a new Generic Test issue.

EPSS

Процентиль: 48%

0.00246

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79