Описание
The help page in GigaVUE-FM, when using GigaVUE-OS software version 5.0 202, does not require an authenticated user. An attacker could enforce a user into inserting malicious JavaScript code into the URI, that could lead to a Reflected Cross site Scripting.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:gigamon:gigavue-os:5.0.202:*:*:*:*:*:*:*
EPSS
Процентиль: 31%
0.00115
Низкий
6.3 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
почти 3 года назад
The help page in GigaVUE-FM, when using GigaVUE-OS software version 5.0 202, does not require an authenticated user. An attacker could enforce a user into inserting malicious JavaScript code into the URI, that could lead to a Reflected Cross site Scripting.
EPSS
Процентиль: 31%
0.00115
Низкий
6.3 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79