exploitDog

CVE-2021-3812

Опубликовано: 17 сент. 2021

Источник: nvd

CVSS3: 6.7

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

adminlte is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ссылки

https://github.com/pi-hole/adminlte/commit/f526716de7bb0fd382a64bcbbb33915c926f94bb
Patch
Third Party Advisory
https://huntr.dev/bounties/875a6885-9a64-46f3-94ad-92f40f989200
Exploit
Issue Tracking
Patch
Third Party Advisory
https://github.com/pi-hole/adminlte/commit/f526716de7bb0fd382a64bcbbb33915c926f94bb
Patch
Third Party Advisory
https://huntr.dev/bounties/875a6885-9a64-46f3-94ad-92f40f989200
Exploit
Issue Tracking
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:pi-hole:web_interface:*:*:*:*:*:*:*:*

Версия до 5.6 (исключая)

EPSS

Процентиль: 40%

0.00183

Низкий

6.7 Medium

CVSS3

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

CWE-79

EPSS

Процентиль: 40%

0.00183

Низкий

6.7 Medium

CVSS3

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

CWE-79