exploitDog

CVE-2020-35664

Опубликовано: 22 фев. 2021

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172. There is cross-site scripting (XSS) in the console.

Ссылки

https://dl.managed-protection.com/u/cyberprotect/rn/15/user/en-US/AcronisCyberProtect15_relnotes.htm
Release Notes
Third Party Advisory
https://www.acronis.com
Vendor Advisory
https://dl.managed-protection.com/u/cyberprotect/rn/15/user/en-US/AcronisCyberProtect15_relnotes.htm
Release Notes
Third Party Advisory
https://www.acronis.com
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:acronis:cyber_protect:*:*:*:*:*:*:*:*

Версия до 15 (исключая)

cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*

EPSS

Процентиль: 54%

0.00317

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-3m7j-m5w9-6wr7

github

больше 3 лет назад

An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172. There is cross-site scripting (XSS) in the console.

EPSS

Процентиль: 54%

0.00317

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79