exploitDog

CVE-2019-20003

Опубликовано: 17 янв. 2020

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

Feldtech easescreen Crystal 9.0 Web-Services 9.0.1.16265 allows Stored XSS via the Debug-Log and Display-Log components. This could be exploited when an attacker sends an crafted string for FTP authentication.

Ссылки

https://easescreen.com/en/
Vendor Advisory
https://github.com/0xedh/someshit/blob/master/CVE-2019-20003.md
Exploit
Third Party Advisory
https://easescreen.com/en/
Vendor Advisory
https://github.com/0xedh/someshit/blob/master/CVE-2019-20003.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:dicube:easescreen_crystal:9.0.1.16265:*:*:*:*:*:*:*

EPSS

Процентиль: 59%

0.00378

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-cp35-58g8-mpmh

github

больше 3 лет назад

Feldtech easescreen Crystal 9.0 Web-Services 9.0.1.16265 allows Stored XSS via the Debug-Log and Display-Log components. This could be exploited when an attacker sends an crafted string for FTP authentication.

EPSS

Процентиль: 59%

0.00378

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79