exploitDog

CVE-2022-26198

Опубликовано: 27 мар. 2022

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

Notable v1.8.4 does not filter text editing, allowing attackers to execute arbitrary code via a crafted payload injected into the Title text field.

Ссылки

https://github.com/notable/notable/issues/1595
Exploit
Issue Tracking
Third Party Advisory
https://github.com/notable/notable/issues/1595
Exploit
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:notable:notable:1.8.4:*:*:*:*:*:*:*

EPSS

Процентиль: 75%

0.00853

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-3rcq-vwx7-jh65

CVSS3: 9.8

github

почти 4 года назад

Notable v1.8.4 does not filter text editing, allowing attackers to execute arbitrary code via a crafted payload injected into the Title text field.

EPSS

Процентиль: 75%

0.00853

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

NVD-CWE-Other