exploitDog

CVE-2022-34578

Опубликовано: 28 июл. 2022

Источник: nvd

CVSS3: 7.2

EPSS Низкий

Описание

Open Source Point of Sale v3.3.7 was discovered to contain an arbitrary file upload vulnerability via the Update Branding Settings page.

Ссылки

https://grimthereaperteam.medium.com/open-source-point-of-sale-v3-3-7-file-upload-cross-site-scripting-4900d717b2c3
Exploit
Third Party Advisory
https://grimthereaperteam.medium.com/open-source-point-of-sale-v3-3-7-file-upload-cross-site-scripting-4900d717b2c3
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:opensourcepos:open_source_point_of_sale:3.3.7:*:*:*:*:*:*:*

EPSS

Процентиль: 63%

0.0045

Низкий

7.2 High

CVSS3

Дефекты

CWE-434

Связанные уязвимости

GHSA-pxvc-9m9j-4r9v

CVSS3: 7.2

github

больше 3 лет назад

Open Source Point of Sale v3.3.7 was discovered to contain an arbitrary file upload vulnerability via the Update Branding Settings page.

EPSS

Процентиль: 63%

0.0045

Низкий

7.2 High

CVSS3

Дефекты

CWE-434