exploitDog

CVE-2019-9110

Опубликовано: 25 фев. 2019

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

XSS exists in WUZHI CMS 4.1.0 via index.php?m=content&f=postinfo&v=listing&set_iframe=[XSS] to coreframe/app/content/postinfo.php.

Ссылки

https://gist.github.com/redeye5/470708bd27ed115b29d0434255b9f7a0
Exploit
Third Party Advisory
https://github.com/wuzhicms/wuzhicms/issues/170
Exploit
Issue Tracking
Third Party Advisory
https://gist.github.com/redeye5/470708bd27ed115b29d0434255b9f7a0
Exploit
Third Party Advisory
https://github.com/wuzhicms/wuzhicms/issues/170
Exploit
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:wuzhicms:wuzhicms:4.1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 45%

0.00223

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-25m9-9gxh-9544

CVSS3: 6.1

github

больше 3 лет назад

XSS exists in WUZHI CMS 4.1.0 via index.php?m=content&f=postinfo&v=listing&set_iframe=[XSS] to coreframe/app/content/postinfo.php.

EPSS

Процентиль: 45%

0.00223

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79