exploitDog

CVE-2020-15016

Опубликовано: 26 июн. 2020

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

NeDi 1.9C is vulnerable to reflected cross-site scripting. The Other-Converter.php file improperly validates user input. An attacker can exploit this vulnerability by crafting arbitrary JavaScript in the txt GET parameter.

Ссылки

https://gist.github.com/PreethamBomma/9c3eb4a6f5188a67c94306dd9c9f23ca
Third Party Advisory
https://gist.github.com/PreethamBomma/9c3eb4a6f5188a67c94306dd9c9f23ca
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:nedi:nedi:1.9c:*:*:*:*:*:*:*

EPSS

Процентиль: 47%

0.0024

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-48hq-9r3c-x55w

github

больше 3 лет назад

NeDi 1.9C is vulnerable to reflected cross-site scripting. The Other-Converter.php file improperly validates user input. An attacker can exploit this vulnerability by crafting arbitrary JavaScript in the txt GET parameter.

EPSS

Процентиль: 47%

0.0024

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79