Описание
Coastercms v5.8.18 is affected by cross-site Scripting (XSS). A user can steal a cookie and make the user redirect to any malicious website because it is trigged on the main home page of the product/application.
Ссылки
- Broken LinkProductVendor Advisory
- Permissions RequiredProductVendor Advisory
- Permissions RequiredProductVendor Advisory
- Broken LinkProductVendor Advisory
- ExploitThird Party AdvisoryVDB Entry
- Broken LinkProductVendor Advisory
- Permissions RequiredProductVendor Advisory
- Permissions RequiredProductVendor Advisory
- Broken LinkProductVendor Advisory
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:coastercms:coastercms:5.8.18:*:*:*:*:*:*:*
EPSS
Процентиль: 62%
0.00432
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
больше 3 лет назад
Coastercms v5.8.18 is affected by cross-site Scripting (XSS). A user can steal a cookie and make the user redirect to any malicious website because it is trigged on the main home page of the product/application.
EPSS
Процентиль: 62%
0.00432
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79