exploitDog

CVE-2023-39971

Опубликовано: 17 авг. 2023

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

Improper Neutralization of Input During Web Page Generation vulnerability in AcyMailing Enterprise component for Joomla allows XSS. This issue affects AcyMailing Enterprise component for Joomla: 6.7.0-8.6.3.

Ссылки

https://extensions.joomla.org/extension/acymailing-starter/
Product
https://www.acymailing.com/acymailing-release-security-%F0%9F%94%90-news-updates/
Release Notes
Vendor Advisory
https://extensions.joomla.org/extension/acymailing-starter/
Product
https://www.acymailing.com/acymailing-release-security-%F0%9F%94%90-news-updates/
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:acymailing:acymailing:*:*:*:*:enterprise:joomla\!:*:*

Версия от 6.7.0 (включая) до 8.7.0 (исключая)

EPSS

Процентиль: 55%

0.0032

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-9fg7-j8f5-x5x9

CVSS3: 6.1

github

больше 2 лет назад

Improper Neutralization of Input During Web Page Generation vulnerability in AcyMailing Enterprise component for Joomla allows XSS. This issue affects AcyMailing Enterprise component for Joomla: 6.7.0-8.6.3.

EPSS

Процентиль: 55%

0.0032

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79