exploitDog

CVE-2023-37829

Опубликовано: 01 сент. 2023

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH CASE 3 Taskmanagement V 3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the notification.message parameter.

Ссылки

https://case.contwise.com/php/portal_case.php
Product
https://github.com/Popeye-ITSec/CVEs/blob/main/CVE-2023-37829
Third Party Advisory
https://case.contwise.com/php/portal_case.php
Product
https://github.com/Popeye-ITSec/CVEs/blob/main/CVE-2023-37829
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:general-solutions:contwise_case2:3.3:*:*:*:*:*:*:*

EPSS

Процентиль: 37%

0.00157

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-85j3-cv7j-8cxm

CVSS3: 6.1

github

больше 2 лет назад

A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH CASE 3 Taskmanagement V 3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the notification.message parameter.

EPSS

Процентиль: 37%

0.00157

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79