exploitDog

CVE-2019-4301

Опубликовано: 28 фев. 2020

Источник: nvd

CVSS3: 8.4

CVSS2: 6

EPSS Низкий

Описание

BigFix Self-Service Application (SSA) is vulnerable to arbitrary code execution if Javascript code is included in Running Message or Post Message HTML.

Ссылки

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0076139
Third Party Advisory
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0076139
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hcltech:self-service_application:3.0.0:*:*:*:*:*:*:*

EPSS

Процентиль: 67%

0.00528

Низкий

8.4 High

CVSS3

6 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-29wf-fqjv-94f8

github

больше 3 лет назад

BigFix Self-Service Application (SSA) is vulnerable to arbitrary code execution if Javascript code is included in Running Message or Post Message HTML.

EPSS

Процентиль: 67%

0.00528

Низкий

8.4 High

CVSS3

6 Medium

CVSS2

Дефекты

NVD-CWE-noinfo