exploitDog

CVE-2020-11734

Опубликовано: 13 апр. 2020

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

cgi-bin/go in CyberSolutions CyberMail 5 or later allows XSS via the ACTION parameter.

Ссылки

https://gist.github.com/tonykuo76/d2480727faeb768a97800db3058dceed
Exploit
Third Party Advisory
https://www.chtsecurity.com/news/6b907733-c475-4504-b3b7-793442d34335
Third Party Advisory
https://www.cybersolutions.co.jp/product/cybermail/
Vendor Advisory
https://gist.github.com/tonykuo76/d2480727faeb768a97800db3058dceed
Exploit
Third Party Advisory
https://www.chtsecurity.com/news/6b907733-c475-4504-b3b7-793442d34335
Third Party Advisory
https://www.cybersolutions.co.jp/product/cybermail/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cybersolutions:cybermail:*:*:*:*:*:*:*:*

Версия от 5.0 (включая)

cpe:2.3:a:cybersolutions:cybermail:5.0:-:*:*:*:*:*:*

EPSS

Процентиль: 67%

0.00528

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-8rgq-qjc8-jj5v

github

больше 3 лет назад

cgi-bin/go in CyberSolutions CyberMail 5 or later allows XSS via the ACTION parameter.

EPSS

Процентиль: 67%

0.00528

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79