Описание
Dropouts Technologies LLP Air Share v1.2 was discovered to contain a cross-site scripting (XSS) vulnerability in the path parameter of the list and download exception-handling. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted GET request.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:dropouts:air_share:1.2:*:*:*:*:ipados:*:*
cpe:2.3:a:dropouts:air_share:1.2:*:*:*:*:iphone_os:*:*
EPSS
Процентиль: 55%
0.00328
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
больше 3 лет назад
Dropouts Technologies LLP Air Share v1.2 was discovered to contain a cross-site scripting (XSS) vulnerability in the path parameter of the `list` and `download` exception-handling. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted GET request.
EPSS
Процентиль: 55%
0.00328
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79