Описание
In Kaminari before 1.2.1, there is a vulnerability that would allow an attacker to inject arbitrary code into pages with pagination links. This has been fixed in 1.2.1.
Ссылки
- Broken Link
- PatchThird Party Advisory
- MitigationThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Broken Link
- PatchThird Party Advisory
- MitigationThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.2.1 (исключая)
cpe:2.3:a:kaminari_project:kaminari:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
EPSS
Процентиль: 63%
0.00452
Низкий
6.4 Medium
CVSS3
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 6.4
ubuntu
больше 5 лет назад
In Kaminari before 1.2.1, there is a vulnerability that would allow an attacker to inject arbitrary code into pages with pagination links. This has been fixed in 1.2.1.
CVSS3: 6.4
debian
больше 5 лет назад
In Kaminari before 1.2.1, there is a vulnerability that would allow an ...
EPSS
Процентиль: 63%
0.00452
Низкий
6.4 Medium
CVSS3
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
CWE-79