Описание
An improper input validation vulnerability leading to arbitrary file execution was discovered in BigFileAgent. In order to cause arbitrary files to be executed, the attacker makes the victim access a web page d by them or inserts a script using XSS into a general website.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.0.1.9 (исключая)
Одновременно
cpe:2.3:a:bigfile:bigfileagent:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 57%
0.00345
Низкий
7.8 High
CVSS3
8.8 High
CVSS3
Дефекты
CWE-20
CWE-20
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
An improper input validation vulnerability leading to arbitrary file execution was discovered in BigFileAgent. In order to cause arbitrary files to be executed, the attacker makes the victim access a web page d by them or inserts a script using XSS into a general website.
EPSS
Процентиль: 57%
0.00345
Низкий
7.8 High
CVSS3
8.8 High
CVSS3
Дефекты
CWE-20
CWE-20