Описание
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an outdated and unused component allowing for malicious user input of active code.
Ссылки
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.6.2 (включая)Версия до 2.6.2 (включая)
Одно из
cpe:2.3:a:mbconnectline:mbconnect24:*:*:*:*:*:*:*:*
cpe:2.3:a:mbconnectline:mymbconnect24:*:*:*:*:*:*:*:*
EPSS
Процентиль: 51%
0.00283
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-74
Связанные уязвимости
github
больше 3 лет назад
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an outdated and unused component allowing for malicious user input of active code.
EPSS
Процентиль: 51%
0.00283
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-74