Описание
Cross Site Scriptiong vulnerabilityin Screenly screenly-ose all versions, including v1.8.2 (2019-09-25-Screenly-OSE-lite.img), in the 'Add Asset' page via manipulation of a 'URL' field, which could let a remote malicious user execute arbitrary code.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:screenly:screenly:0.9:*:*:*:ose:*:*:*
cpe:2.3:a:screenly:screenly:0.9.1:*:*:*:ose:*:*:*
cpe:2.3:a:screenly:screenly:0.10:*:*:*:ose:*:*:*
cpe:2.3:a:screenly:screenly:0.11:*:*:*:ose:*:*:*
cpe:2.3:a:screenly:screenly:0.12:*:*:*:ose:*:*:*
cpe:2.3:a:screenly:screenly:0.12.1:*:*:*:ose:*:*:*
cpe:2.3:a:screenly:screenly:0.13:*:*:*:ose:*:*:*
cpe:2.3:a:screenly:screenly:0.14:*:*:*:ose:*:*:*
cpe:2.3:a:screenly:screenly:0.15:*:*:*:ose:*:*:*
cpe:2.3:a:screenly:screenly:0.15.1:*:*:*:ose:*:*:*
cpe:2.3:a:screenly:screenly:0.16:*:*:*:ose:*:*:*
cpe:2.3:a:screenly:screenly:0.17:*:*:*:ose:*:*:*
cpe:2.3:a:screenly:screenly:0.18:*:*:*:ose:*:*:*
cpe:2.3:a:screenly:screenly:0.18.1:*:*:*:ose:*:*:*
cpe:2.3:a:screenly:screenly:0.18.2:*:*:*:ose:*:*:*
EPSS
Процентиль: 48%
0.0025
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
больше 3 лет назад
Cross Site Scriptiong vulnerabilityin Screenly screenly-ose all versions, including v1.8.2 (2019-09-25-Screenly-OSE-lite.img), in the 'Add Asset' page via manipulation of a 'URL' field, which could let a remote malicious user execute arbitrary code.
EPSS
Процентиль: 48%
0.0025
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79