Описание
Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability identified in BigFix Server version 9.5.12.68, allowing for potential data exfiltration. This XSS vulnerability is in the Gather Status Report, which is served by the BigFix Relay.
Уязвимые конфигурации
Конфигурация 1Версия от 9.5 (включая) до 9.5.23 (исключая)Версия от 10.0.0 (включая) до 10.0.10 (исключая)
Одно из
cpe:2.3:a:hcltech:bigfix_platform:*:*:*:*:*:*:*:*
cpe:2.3:a:hcltech:bigfix_platform:*:*:*:*:*:*:*:*
cpe:2.3:a:hcltech:bigfix_platform:11.0.0:*:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.00161
Низкий
7.7 High
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 7.7
github
около 2 лет назад
Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability identified in BigFix Server version 9.5.12.68, allowing for potential data exfiltration. This XSS vulnerability is in the Gather Status Report, which is served by the BigFix Relay.
EPSS
Процентиль: 37%
0.00161
Низкий
7.7 High
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79