CVE-2021-39362

Опубликовано: 22 авг. 2021

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

An XSS issue was discovered in ReCaptcha Solver 5.7. A response from Anti-Captcha.com, RuCaptcha.com, 2captcha.com, DEATHbyCAPTCHA.com, ImageTyperz.com, or BestCaptchaSolver.com in setCaptchaCode() is inserted into the DOM as HTML, resulting in full control over the user's browser by these servers.

Ссылки

https://thesamarkand.tumblr.com/post/660171228514009088/xss-vulnerability-in-recaptcha-solver-by-dozz
Third Party Advisory
https://thesamarkand.tumblr.com/post/660171228514009088/xss-vulnerability-in-recaptcha-solver-by-dozz
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:recaptcha_solver_project:recaptcha_solver:5.7:*:*:*:*:*:*:*

EPSS

Процентиль: 47%

0.0024

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-j39q-gqrr-xv8m

github

больше 3 лет назад

BDU:2021-05602