Описание
Due to this vulnerability, the Master operator could potentially incorporate an SVG tag into HTML, leading to an alert pop-up displaying a cookie. To mitigate stored XSS vulnerabilities, a preventive measure involves thoroughly sanitizing and validating all user inputs before they are processed and stored in the server storage.
Уязвимые конфигурации
Конфигурация 1Версия до 3.2 (исключая)
cpe:2.3:a:hcltech:bigfix_modern_client_management:*:*:*:*:*:*:*:*
EPSS
Процентиль: 18%
0.00056
Низкий
6.6 Medium
CVSS3
4.8 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.6
github
около 2 лет назад
Due to this vulnerability, the Master operator could potentially incorporate an SVG tag into HTML, leading to an alert pop-up displaying a cookie. To mitigate stored XSS vulnerabilities, a preventive measure involves thoroughly sanitizing and validating all user inputs before they are processed and stored in the server storage.
EPSS
Процентиль: 18%
0.00056
Низкий
6.6 Medium
CVSS3
4.8 Medium
CVSS3
Дефекты
CWE-79