Описание
In CSS Validator less than or equal to commit 54d68a1, there is a cross-site scripting vulnerability in handling URIs. A user would have to click on a specifically crafted validator link to trigger it. This has been patched in commit e5c09a9.
Ссылки
- Patch
- Vendor Advisory
- Patch
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2020-01-19 (включая)
cpe:2.3:a:w3c:css_validator:*:*:*:*:*:*:*:*
EPSS
Процентиль: 56%
0.00343
Низкий
4.6 Medium
CVSS3
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79
EPSS
Процентиль: 56%
0.00343
Низкий
4.6 Medium
CVSS3
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79