Описание
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Group Functionality of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause execute arbitrary codes on the vulnerable server. This issue affects: Profelis IT Consultancy SambaBox 4.0 version 4.0 and prior versions on x86.
Ссылки
- Release NotesVendor Advisory
- Release NotesVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.0 (включая)
cpe:2.3:a:profelis:sambabox:*:*:*:*:*:*:x86:*
EPSS
Процентиль: 75%
0.00888
Низкий
3.8 Low
CVSS3
9 Critical
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-80
CWE-79
Связанные уязвимости
CVSS3: 9
github
почти 4 года назад
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Group Functionality of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause execute arbitrary codes on the vulnerable server. This issue affects: Profelis IT Consultancy SambaBox 4.0 version 4.0 and prior versions on x86.
EPSS
Процентиль: 75%
0.00888
Низкий
3.8 Low
CVSS3
9 Critical
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-80
CWE-79