Описание
Cross site scripting vulnerability in web portal in Snow Software License Manager from version 9.0.0 up to and including 9.30.1 on Windows allows an authenticated user with high privileges to trigger cross site scripting attack via the web browser
Ссылки
- Issue TrackingVendor Advisory
- Issue TrackingVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 9.0.0 (включая) до 9.30.1 (включая)
Одновременно
cpe:2.3:a:snowsoftware:snow_license_manager:*:*:*:*:service_provider:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 40%
0.00186
Низкий
4.8 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 4.8
github
больше 2 лет назад
Cross site scripting vulnerability in web portal in Snow Software License Manager from version 9.0.0 up to and including 9.30.1 on Windows allows an authenticated user with high privileges to trigger cross site scripting attack via the web browser
EPSS
Процентиль: 40%
0.00186
Низкий
4.8 Medium
CVSS3
Дефекты
CWE-79
CWE-79