CVE-2019-6979

Опубликовано: 28 янв. 2019

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

An issue was discovered in the User IP History Logs (aka IP_History_Logs) plugin 1.0.2 for MyBB. There is XSS via the admin/modules/tools/ip_history_logs.php useragent field.

Ссылки

https://github.com/JeremyCrookshank/IP_History_Logs/pull/1
Patch
Third Party Advisory
https://www.exploit-db.com/exploits/46273/
Exploit
Third Party Advisory
https://github.com/JeremyCrookshank/IP_History_Logs/pull/1
Patch
Third Party Advisory
https://www.exploit-db.com/exploits/46273/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ip_history_logs_project:ip_history_logs:1.0.2:*:*:*:*:mybb:*:*

EPSS

Процентиль: 65%

0.00494

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-w3q6-7cqg-7vxc