Описание
A Cross Site Scripting (XSS) issue was discovered in the search feature of DedeCMS v.5.8 that allows malicious users to inject code into web pages, and other users will be affected when viewing web pages.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ExploitIssue TrackingThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:dedecms:dedecms:5.8:*:*:*:*:*:*:*
EPSS
Процентиль: 70%
0.00629
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 5.4
github
больше 3 лет назад
A Cross Site Scripting (XSS) issue was discovered in the search feature of DedeCMS v.5.8 that allows malicious users to inject code into web pages, and other users will be affected when viewing web pages.
EPSS
Процентиль: 70%
0.00629
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79