Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-44118

Опубликовано: 26 янв. 2022
Источник: nvd
CVSS3: 5.4
CVSS2: 3.5
EPSS Низкий

Описание

SPIP 4.0.0 is affected by a Cross Site Scripting (XSS) vulnerability. To exploit the vulnerability, a visitor must browse to a malicious SVG file. The vulnerability allows an authenticated attacker to inject malicious code running on the client side into web pages visited by other users (stored XSS).

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:spip:spip:4.0.0:*:*:*:*:*:*:*

EPSS

Процентиль: 29%
0.00104
Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

ubuntu логотип

CVE-2021-44118

CVSS3: 5.4
ubuntu
около 4 лет назад

SPIP 4.0.0 is affected by a Cross Site Scripting (XSS) vulnerability. To exploit the vulnerability, a visitor must browse to a malicious SVG file. The vulnerability allows an authenticated attacker to inject malicious code running on the client side into web pages visited by other users (stored XSS).

debian логотип

CVE-2021-44118

CVSS3: 5.4
debian
около 4 лет назад

SPIP 4.0.0 is affected by a Cross Site Scripting (XSS) vulnerability. ...

github логотип

GHSA-564r-594w-gw2m

github
около 4 лет назад

SPIP 4.0.0 is affected by a Cross Site Scripting (XSS) vulnerability. To exploit the vulnerability, a visitor must browse to a malicious SVG file. The vulnerability allows an authenticated attacker to inject malicious code running on the client side into web pages visited by other users (stored XSS).

EPSS

Процентиль: 29%
0.00104
Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79