exploitDog

CVE-2021-37518

Опубликовано: 03 фев. 2023

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

Universal Cross Site Scripting (UXSS) vulnerability in Vimium Extension 1.66 and earlier allows remote attackers to run arbitrary code via omnibar feature.

Ссылки

https://github.com/philc/vimium/issues/3832
Exploit
Third Party Advisory
https://github.com/philc/vimium/pull/3850
Third Party Advisory
https://github.com/philc/vimium/issues/3832
Exploit
Third Party Advisory
https://github.com/philc/vimium/pull/3850
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:vimium_project:vimium:*:*:*:*:*:*:*:*

Версия до 1.66 (включая)

EPSS

Процентиль: 22%

0.00071

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-7wx8-v5hr-wv3m

CVSS3: 6.1

github

около 3 лет назад

Universal Cross Site Scripting (UXSS) vulnerability in Vimium Extension 1.66 and earlier allows remote attackers to run arbitrary code via omnibar feature.

EPSS

Процентиль: 22%

0.00071

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79