Описание
Persistent cross-site scripting (XSS) in the web interface of ipDIO allows an authenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into specific fields. The XSS payload will be executed when a legitimate user attempts to upload, copy, download, or delete an existing configuration (Administrative Services).
Ссылки
- MitigationThird Party AdvisoryUS Government Resource
- MitigationThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
Одновременно
EPSS
5.5 Medium
CVSS3
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
Связанные уязвимости
Persistent cross-site scripting (XSS) in the web interface of ipDIO allows an authenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into specific fields. The XSS payload will be executed when a legitimate user attempts to upload, copy, download, or delete an existing configuration (Administrative Services).
EPSS
5.5 Medium
CVSS3
5.4 Medium
CVSS3
3.5 Low
CVSS2