CVE-2023-4892

Опубликовано: 25 сент. 2023

Источник: nvd

CVSS3: 5.7

CVSS3: 4.6

EPSS Низкий

Описание

Teedy v1.11 has a vulnerability in its text editor that allows events

to be executed in HTML tags that an attacker could manipulate. Thanks

to this, it is possible to execute malicious JavaScript in the webapp.

Ссылки

https://fluidattacks.com/advisories/freebird
Exploit
Third Party Advisory
https://teedy.io
Product
https://fluidattacks.com/advisories/freebird
Exploit
Third Party Advisory
https://teedy.io
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sismics:teedy:1.11:*:*:*:*:*:*:*

EPSS

Процентиль: 25%

0.00087

Низкий

5.7 Medium

CVSS3

4.6 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-3fm6-w3v5-p4r7

CVSS3: 5.7

github

больше 2 лет назад

Teedy v1.11 has a vulnerability in its text editor that allows events to be executed in HTML tags that an attacker could manipulate. Thanks to this, it is possible to execute malicious JavaScript in the webapp.

EPSS

Процентиль: 25%

0.00087

Низкий

5.7 Medium

CVSS3

4.6 Medium

CVSS3

Дефекты

CWE-79