Описание
The vulnerability was discovered within the “FaviconService”. The service takes a base64-encoded URL which is then requested by the webserver. We assume this service is used by the “meetings”-function where users can specify an external URL where the online meeting will take place.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:hcltech:sametime:11.6:*:*:*:*:*:*:*
EPSS
Процентиль: 57%
0.00352
Низкий
6.8 Medium
CVSS3
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-472
NVD-CWE-Other
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
The vulnerability was discovered within the “FaviconService”. The service takes a base64-encoded URL which is then requested by the webserver. We assume this service is used by the “meetings”-function where users can specify an external URL where the online meeting will take place.
EPSS
Процентиль: 57%
0.00352
Низкий
6.8 Medium
CVSS3
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-472
NVD-CWE-Other