Описание
There is a file upload XSS vulnerability in Generex CS141 below 2.06 version. The web application allows file uploading, making it possible to upload a file with HTML content. When HTML files are allowed, XSS payload can be injected into the uploaded file.
Ссылки
- Release Notes
- Not Applicable
- Release Notes
- Not Applicable
Уязвимые конфигурации
Конфигурация 1Версия до 2.06 (исключая)
Одновременно
cpe:2.3:o:generex:cs141_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:generex:cs141:-:*:*:*:*:*:*:*
EPSS
Процентиль: 30%
0.00113
Низкий
5.3 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 5.3
github
больше 2 лет назад
There is a file upload XSS vulnerability in Generex CS141 below 2.06 version. The web application allows file uploading, making it possible to upload a file with HTML content. When HTML files are allowed, XSS payload can be injected into the uploaded file.
EPSS
Процентиль: 30%
0.00113
Низкий
5.3 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79