Описание
Cross-site scripting vulnerability in Exment prior to v3.6.0 allows remote authenticated attackers to inject arbitrary script or HTML via a specially crafted file.
Ссылки
- Vendor Advisory
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.6.0 (исключая)
cpe:2.3:a:exceedone:exment:*:*:*:*:*:*:*:*
EPSS
Процентиль: 42%
0.00203
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
больше 3 лет назад
Cross-site scripting vulnerability in Exment prior to v3.6.0 allows remote authenticated attackers to inject arbitrary script or HTML via a specially crafted file.
EPSS
Процентиль: 42%
0.00203
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79