CVE-2022-4736

Опубликовано: 25 дек. 2022

Источник: nvd

CVSS3: 3.5

CVSS3: 6.1

EPSS Низкий

Описание

A vulnerability was found in Venganzas del Pasado and classified as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument the_title leads to cross site scripting. The attack may be launched remotely. The name of the patch is 62339b2ec445692c710b804bdf07aef4bd247ff7. It is recommended to apply a patch to fix this issue. VDB-216770 is the identifier assigned to this vulnerability.

Ссылки

https://github.com/jschwindt/Venganzas-del-Pasado/commit/62339b2ec445692c710b804bdf07aef4bd247ff7
Patch
Third Party Advisory
https://vuldb.com/?ctiid.216770
Third Party Advisory
https://vuldb.com/?id.216770
Third Party Advisory
https://www.openbugbounty.org/reports/3022583/
Third Party Advisory
https://github.com/jschwindt/Venganzas-del-Pasado/commit/62339b2ec445692c710b804bdf07aef4bd247ff7
Patch
Third Party Advisory
https://vuldb.com/?ctiid.216770
Third Party Advisory
https://vuldb.com/?id.216770
Third Party Advisory
https://www.openbugbounty.org/reports/3022583/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:venganzasdelpasado:venganzas_del_pasado:-:*:*:*:*:*:*:*

EPSS

Процентиль: 60%

0.00392

Низкий

3.5 Low

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-38xm-mh5h-63pp

CVSS3: 6.1

github

около 3 лет назад

EPSS

Процентиль: 60%

0.00392

Низкий

3.5 Low

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-79