exploitDog

CVE-2021-40492

Опубликовано: 03 сент. 2021

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

A reflected XSS vulnerability exists in multiple pages in version 22 of the Gibbon application that allows for arbitrary execution of JavaScript (gibbonCourseClassID, gibbonPersonID, subpage, currentDate, or allStudents to index.php).

Ссылки

https://gibbonedu.org/
Vendor Advisory
https://github.com/5qu1n7/CVE-2021-40492
Third Party Advisory
https://gibbonedu.org/
Vendor Advisory
https://github.com/5qu1n7/CVE-2021-40492
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gibbonedu:gibbon:22.0.00:*:*:*:*:*:*:*

EPSS

Процентиль: 93%

0.09965

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-qxgj-gjcq-4732

github

больше 3 лет назад

A reflected XSS vulnerability exists in multiple pages in version 22 of the Gibbon application that allows for arbitrary execution of JavaScript (gibbonCourseClassID, gibbonPersonID, subpage, currentDate, or allStudents to index.php).

EPSS

Процентиль: 93%

0.09965

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79