exploitDog

CVE-2022-40358

Опубликовано: 23 сент. 2022

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

An issue was discovered in AjaXplorer 4.2.3, allows attackers to cause cross site scripting vulnerabilities via a crafted svg file upload.

Ссылки

https://cxsecurity.com/issue/WLB-2022090059
Exploit
Issue Tracking
Third Party Advisory
https://sourceforge.net/projects/ajaxplorer/files/ajaxplorer/stable-channel/4.2.3/
Release Notes
Third Party Advisory
https://cxsecurity.com/issue/WLB-2022090059
Exploit
Issue Tracking
Third Party Advisory
https://sourceforge.net/projects/ajaxplorer/files/ajaxplorer/stable-channel/4.2.3/
Release Notes
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ajaxplorer:ajaxplorer:4.2.3:*:*:*:*:*:*:*

EPSS

Процентиль: 52%

0.00285

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

CVE-2022-40358

CVSS3: 5.4

debian

больше 3 лет назад

An issue was discovered in AjaXplorer 4.2.3, allows attackers to cause ...

GHSA-cc8c-93xf-8jgq

CVSS3: 5.4

github

больше 3 лет назад

An issue was discovered in AjaXplorer 4.2.3, allows attackers to cause cross site scripting vulnerabilities via a crafted svg file upload.

EPSS

Процентиль: 52%

0.00285

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79