Описание
Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability (XSS) in the /goform/login_process username parameter via GET. No authentication is required.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- Product
- ExploitThird Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1Версия от 14.2 (включая) до 16.0 (исключая)
cpe:2.3:a:reprisesoftware:reprise_license_manager:*:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.0781
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
почти 4 года назад
Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability (XSS) in the /goform/login_process username parameter via GET. No authentication is required.
EPSS
Процентиль: 92%
0.0781
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79