CVE-2023-30958

Опубликовано: 03 авг. 2023

Источник: nvd

CVSS3: 4.7

CVSS3: 6.1

EPSS Низкий

Описание

A security defect was identified in Foundry Frontend that enabled users to potentially conduct DOM XSS attacks if Foundry's CSP were to be bypassed.

This defect was resolved with the release of Foundry Frontend 6.225.0.

Ссылки

https://palantir.safebase.us/?tcuUid=5764b094-d3c0-4380-90f2-234f36116c9b
Vendor Advisory
https://palantir.safebase.us/?tcuUid=5764b094-d3c0-4380-90f2-234f36116c9b
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:zabbix:frontend:*:*:*:*:*:*:*:*

Версия до 6.225.0 (исключая)

EPSS

Процентиль: 40%

0.00181

Низкий

4.7 Medium

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-83

CWE-79

Связанные уязвимости

GHSA-h7r6-9754-jpv8

CVSS3: 4.7

github

больше 2 лет назад

A security defect was identified in Foundry Frontend that enabled users to potentially conduct DOM XSS attacks if Foundry's CSP were to be bypassed. This defect was resolved with the release of Foundry Frontend 6.225.0.

EPSS

Процентиль: 40%

0.00181

Низкий

4.7 Medium

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-83

CWE-79