Описание
A stored cross-site scripting (XSS) vulnerability in the upload function of /admin/show.php allows attackers to execute arbitrary web scripts or HTML via a crafted image file.
Ссылки
- Vendor Advisory
- Issue TrackingThird Party Advisory
- Vendor Advisory
- Issue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:douco:douphp:1.6:20220216:*:*:*:*:*:*
EPSS
Процентиль: 64%
0.0048
Низкий
4.8 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 4.8
github
почти 4 года назад
A stored cross-site scripting (XSS) vulnerability in the upload function of /admin/show.php allows attackers to execute arbitrary web scripts or HTML via a crafted image file.
EPSS
Процентиль: 64%
0.0048
Низкий
4.8 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79