exploitDog

CVE-2020-9299

Опубликовано: 09 нояб. 2020

Источник: nvd

CVSS3: 5.4

CVSS2: 3.5

EPSS Низкий

Описание

There were XSS vulnerabilities discovered and reported in the Dispatch application, affecting name and description parameters of Incident Priority, Incident Type, Tag Type, and Incident Filter. This vulnerability can be exploited by an authenticated user.

Ссылки

https://github.com/Netflix/dispatch/releases/tag/v20201106
Third Party Advisory
https://github.com/Netflix/security-bulletins/blob/master/advisories/nflx-2020-004.md
Third Party Advisory
https://github.com/Netflix/dispatch/releases/tag/v20201106
Third Party Advisory
https://github.com/Netflix/security-bulletins/blob/master/advisories/nflx-2020-004.md
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:netflix:dispatch:*:*:*:*:*:*:*:*

Версия до 20201106 (исключая)

EPSS

Процентиль: 63%

0.00444

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-wgmg-xwg9-fhqf

github

больше 3 лет назад

There were XSS vulnerabilities discovered and reported in the Dispatch application, affecting name and description parameters of Incident Priority, Incident Type, Tag Type, and Incident Filter. This vulnerability can be exploited by an authenticated user.

EPSS

Процентиль: 63%

0.00444

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79