exploitDog

CVE-2020-15179

Опубликовано: 15 сент. 2020

Источник: nvd

CVSS3: 8

CVSS3: 9

CVSS2: 4.6

EPSS Низкий

Описание

The ScratchSig extension for MediaWiki before version 1.0.1 allows stored Cross-Site Scripting. Using

Ссылки

https://github.com/InternationalScratchWiki/wiki-scratchsig/commit/4160a39a20eebeb63a59eb7597a91b961eca6388
Patch
Third Party Advisory
https://github.com/InternationalScratchWiki/wiki-scratchsig/security/advisories/GHSA-gp9v-pg9f-vmp6
Third Party Advisory
https://github.com/InternationalScratchWiki/wiki-scratchsig/commit/4160a39a20eebeb63a59eb7597a91b961eca6388
Patch
Third Party Advisory
https://github.com/InternationalScratchWiki/wiki-scratchsig/security/advisories/GHSA-gp9v-pg9f-vmp6
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:scratch-wiki:scratchsig:*:*:*:*:*:mediawiki:*:*

Версия до 1.0.1 (исключая)

EPSS

Процентиль: 62%

0.00433

Низкий

8 High

CVSS3

9 Critical

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-79

EPSS

Процентиль: 62%

0.00433

Низкий

8 High

CVSS3

9 Critical

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-79