Описание
Stored Cross Site Scripting (XSS) vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary code in first/second name field.
Ссылки
- Product
- ExploitThird Party AdvisoryVDB Entry
- Product
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:civicrm:civicrm:5.59:alpha1:*:*:*:*:*:*
EPSS
Процентиль: 43%
0.00204
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 5.4
ubuntu
больше 2 лет назад
Stored Cross Site Scripting (XSS) vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary code in first/second name field.
CVSS3: 5.4
debian
больше 2 лет назад
Stored Cross Site Scripting (XSS) vulnerability in the add contact fun ...
CVSS3: 5.4
github
больше 2 лет назад
Stored Cross Site Scripting (XSS) vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary code in first/second name field.
EPSS
Процентиль: 43%
0.00204
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79