Описание
Stored cross-site scripting vulnerability in Zenphoto versions prior to 1.6 allows remote a remote authenticated attacker with an administrative privilege to inject an arbitrary script.
Ссылки
- ProductThird Party Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- ProductThird Party Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.6 (исключая)
cpe:2.3:a:zenphoto:zenphoto:*:*:*:*:*:*:*:*
EPSS
Процентиль: 55%
0.00319
Низкий
4.8 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 4.8
github
около 3 лет назад
Stored cross-site scripting vulnerability in Zenphoto versions prior to 1.6 allows remote a remote authenticated attacker with an administrative privilege to inject an arbitrary script.
EPSS
Процентиль: 55%
0.00319
Низкий
4.8 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79