exploitDog

CVE-2021-27564

Опубликовано: 22 фев. 2021

Источник: nvd

CVSS3: 5.4

CVSS2: 3.5

EPSS Низкий

Описание

A stored XSS issue exists in Appspace 6.2.4. After a user is authenticated and enters an XSS payload under the groups section of the network tab, it is stored as the group name. Whenever another member visits that group, this payload executes.

Ссылки

https://github.com/viperbluff/Appspace-Ver-6.2.4-Stored-Xss
Exploit
Third Party Advisory
https://github.com/viperbluff/Appspace-Ver-6.2.4-Stored-Xss
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:appspace:appspace:6.2.4:*:*:*:*:*:*:*

EPSS

Процентиль: 61%

0.0042

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-9pcq-r26w-9482

github

больше 3 лет назад

A stored XSS issue exists in Appspace 6.2.4. After a user is authenticated and enters an XSS payload under the groups section of the network tab, it is stored as the group name. Whenever another member visits that group, this payload executes.

EPSS

Процентиль: 61%

0.0042

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79