exploitDog

CVE-2023-27151

Опубликовано: 29 фев. 2024

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

openCRX 5.2.0 was discovered to contain an HTML injection vulnerability for Search Criteria-Activity Number (in the Saved Search Activity) via the Name, Description, or Activity Number field.

Ссылки

https://www.esecforte.com/cve-2023-27151-html-injection-activity-tracker/
Exploit
Third Party Advisory
https://www.opencrx.org/
Release Notes
https://www.esecforte.com/cve-2023-27151-html-injection-activity-tracker/
Exploit
Third Party Advisory
https://www.opencrx.org/
Release Notes

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:opencrx:opencrx:5.2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 59%

0.00378

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-f8vf-5cvf-jr22

CVSS3: 6.1

github

почти 2 года назад

openCRX 5.2.0 was discovered to contain an HTML injection vulnerability for Search Criteria-Activity Number (in the Saved Search Activity) via the Name, Description, or Activity Number field.

EPSS

Процентиль: 59%

0.00378

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79