exploitDog

CVE-2022-40434

Опубликовано: 19 дек. 2022

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

Softr v2.0 was discovered to be vulnerable to HTML injection via the Name field of the Account page.

Ссылки

http://softr.com
Product
https://isaghojaria.medium.com/softr-v2-0-was-discovered-to-be-vulnerable-to-html-injection-via-the-name-field-of-the-account-page-c6fbd3162254
Exploit
Third Party Advisory
https://www.softr.io/
Product
http://softr.com
Product
https://isaghojaria.medium.com/softr-v2-0-was-discovered-to-be-vulnerable-to-html-injection-via-the-name-field-of-the-account-page-c6fbd3162254
Exploit
Third Party Advisory
https://www.softr.io/
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:softr:softr:2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 66%

0.00515

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-cw5r-qw3x-wgpf

CVSS3: 9.8

github

около 3 лет назад

Softr v2.0 was discovered to be vulnerable to HTML injection via the Name field of the Account page.

EPSS

Процентиль: 66%

0.00515

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-79

CWE-79