Описание
The Handy Tip macro in Stiltsoft Handy Macros for Confluence Server/Data Center 3.x before 3.5.5 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability.
Ссылки
- PatchVendor Advisory
- ExploitThird Party Advisory
- PatchVendor Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 3.0.0 (включая) до 3.5.5 (исключая)
cpe:2.3:a:stiltsoft:handy_macros_for_confluence:*:*:*:*:*:*:*:*
EPSS
Процентиль: 58%
0.00363
Низкий
8.9 High
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 5.4
github
больше 3 лет назад
The Handy Tip macro in Stiltsoft Handy Macros for Confluence Server/Data Center 3.x before 3.5.5 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability.
EPSS
Процентиль: 58%
0.00363
Низкий
8.9 High
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79