exploitDog

CVE-2022-0539

Опубликовано: 09 фев. 2022

Источник: nvd

CVSS3: 6.3

CVSS3: 5.4

CVSS2: 3.5

EPSS Низкий

Описание

Cross-site Scripting (XSS) - Stored in Packagist ptrofimov/beanstalk_console prior to 1.7.14.

Ссылки

https://github.com/ptrofimov/beanstalk_console/commit/5aea5f912f6e6d19dedb1fdfc25a29a2e1fc1694
Patch
Third Party Advisory
https://huntr.dev/bounties/5f41b182-dda2-4c6f-9668-2a9afaed53af
Exploit
Third Party Advisory
https://github.com/ptrofimov/beanstalk_console/commit/5aea5f912f6e6d19dedb1fdfc25a29a2e1fc1694
Patch
Third Party Advisory
https://huntr.dev/bounties/5f41b182-dda2-4c6f-9668-2a9afaed53af
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:beanstalk_console_project:beanstalk_console:*:*:*:*:*:*:*:*

Версия до 1.7.14 (исключая)

EPSS

Процентиль: 50%

0.00267

Низкий

6.3 Medium

CVSS3

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-2cjf-w7c4-fhf6

CVSS3: 6.3

github

больше 3 лет назад

Cross-site Scripting in Beanstalk console

EPSS

Процентиль: 50%

0.00267

Низкий

6.3 Medium

CVSS3

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

CWE-79