exploitDog

CVE-2021-39391

Опубликовано: 14 сент. 2021

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

Cross Site Scripting (XSS) vulnerability exists in the admin panel in Beego v2.0.1 via the URI path in an HTTP request, which is activated by administrators viewing the "Request Statistics" page.

Ссылки

https://github.com/beego/beego
Third Party Advisory
https://github.com/beego/beego/issues/4727
Exploit
Issue Tracking
Patch
Third Party Advisory
https://github.com/beego/beego
Third Party Advisory
https://github.com/beego/beego/issues/4727
Exploit
Issue Tracking
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:beego:beego:2.0.1:*:*:*:*:*:*:*

EPSS

Процентиль: 47%

0.00241

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-c77f-4rgj-jfr4

CVSS3: 6.1

github

больше 4 лет назад

Cross-site Scripting in Beego

EPSS

Процентиль: 47%

0.00241

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79