Описание
An issue was discovered in Firmware Analysis and Comparison Tool v3.2. With administrator privileges, the attacker could perform stored XSS attacks by inserting JavaScript and HTML code in user creation functionality.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:firmware_analysis_and_comparison_tool_project:firmware_analysis_and_comparison_tool:3.2:*:*:*:*:*:*:*
EPSS
Процентиль: 46%
0.00235
Низкий
4.8 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 4.8
github
почти 4 года назад
An issue was discovered in Firmware Analysis and Comparison Tool v3.2. With administrator privileges, the attacker could perform stored XSS attacks by inserting JavaScript and HTML code in user creation functionality.
EPSS
Процентиль: 46%
0.00235
Низкий
4.8 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79