Описание
Terminalfour versions 8.3.7, 8.3.x versions prior to version 8.3.8 and r 8.2.x versions prior to version 8.2.18.5 or 8.2.18.2.1 are vulnerable to (XSS) vulnerability that could be exploited by an attacker to mislead an administrator and steal their credentials.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 8.2.0 (включая) до 8.2.18.2.1 (исключая)Версия от 8.2.18.3 (включая) до 8.2.18.5 (исключая)Версия от 8.3.0 (включая) до 8.3.8 (исключая)
Одно из
cpe:2.3:a:terminalfour:terminalfour:*:*:*:*:*:*:*:*
cpe:2.3:a:terminalfour:terminalfour:*:*:*:*:*:*:*:*
cpe:2.3:a:terminalfour:terminalfour:*:*:*:*:*:*:*:*
EPSS
Процентиль: 71%
0.00678
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
больше 3 лет назад
Terminalfour before 8.3.8 allows XSS, aka RDSM-31817. 8.2.18.2.1 and 8.2.18.5 are also fixed versions.
EPSS
Процентиль: 71%
0.00678
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79