exploitDog

CVE-2022-40931

Опубликовано: 29 сент. 2022

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

dutchcoders Transfer.sh 1.4.0 is vulnerable to Cross Site Scripting (XSS).

Ссылки

https://github.com/dutchcoders/transfer.sh/issues/500
Exploit
Issue Tracking
Patch
Third Party Advisory
https://github.com/dutchcoders/transfer.sh/pull/501
Patch
Third Party Advisory
https://github.com/dutchcoders/transfer.sh/issues/500
Exploit
Issue Tracking
Patch
Third Party Advisory
https://github.com/dutchcoders/transfer.sh/pull/501
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:dutchcoders:transfer.sh:1.4.0:*:*:*:*:*:*:*

EPSS

Процентиль: 46%

0.00236

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-pwq7-f7f9-cm2j

CVSS3: 6.1

github

больше 3 лет назад

Dutchoders transfer.sh contains an XSS vulnerability via malicious file upload

EPSS

Процентиль: 46%

0.00236

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79