Описание
Stored XSS injection vulnerabilities were discovered in the Avaya Aura Experience Portal Web management which could allow an authenticated user to potentially disclose sensitive information. Affected versions include 7.0 through 7.2.3 (without hotfix) and 8.0.0 (without hotfix).
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 7.0 (включая) до 7.2.3 (включая)
Одно из
cpe:2.3:a:avaya:aura_experience_portal:*:*:*:*:*:*:*:*
cpe:2.3:a:avaya:aura_experience_portal:8.0.0:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00147
Низкий
5.3 Medium
CVSS3
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79
CWE-79
Связанные уязвимости
github
больше 3 лет назад
Stored XSS injection vulnerabilities were discovered in the Avaya Aura Experience Portal Web management which could allow an authenticated user to potentially disclose sensitive information. Affected versions include 7.0 through 7.2.3 (without hotfix) and 8.0.0 (without hotfix).
EPSS
Процентиль: 36%
0.00147
Низкий
5.3 Medium
CVSS3
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79
CWE-79