exploitDog

CVE-2023-41592

Опубликовано: 14 сент. 2023

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

Froala Editor v4.0.1 to v4.1.1 was discovered to contain a cross-site scripting (XSS) vulnerability.

Ссылки

https://hacker.soarescorp.com/cve/2023-41592/
Exploit
Third Party Advisory
https://owasp.org/Top10/A03_2021-Injection/
Third Party Advisory
https://owasp.org/www-project-top-ten/
Third Party Advisory
https://hacker.soarescorp.com/cve/2023-41592/
Exploit
Third Party Advisory
https://owasp.org/Top10/A03_2021-Injection/
Third Party Advisory
https://owasp.org/www-project-top-ten/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:froala:froala_editor:*:*:*:*:*:*:*:*

Версия от 4.0.1 (включая) до 4.1.1 (включая)

EPSS

Процентиль: 79%

0.013

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-hvpq-7vcc-5hj5

CVSS3: 5.4

github

больше 2 лет назад

Froala Editor Cross-site Scripting vulnerability

EPSS

Процентиль: 79%

0.013

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79