exploitDog

CVE-2023-26599

Опубликовано: 19 апр. 2023

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

XSS vulnerability in TripleSign in Tripleplay Platform releases prior to Caveman 3.4.0 allows attackers to inject client-side code to run as an authenticated user via a crafted link.

Ссылки

https://tripleplay.tv
Product
https://tripleplay.tv/wp-content/uploads/2023/03/CVE-2023-26599-Summary.pdf
Vendor Advisory
https://tripleplay.tv
Product
https://tripleplay.tv/wp-content/uploads/2023/03/CVE-2023-26599-Summary.pdf
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:uniguest:tripleplay:3.4.0:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.0046

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-cjp7-vcqg-p83x

CVSS3: 6.1

github

почти 3 года назад

XSS vulnerability in TripleSign in Tripleplay Platform releases prior to Caveman 3.4.0 allows attackers to inject client-side code to run as an authenticated user via a crafted link.

EPSS

Процентиль: 64%

0.0046

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79