Описание
PublicCMS 4.0 is vulnerable to Cross Site Scripting (XSS). Because files can be uploaded and online preview function is provided, pdf files and html files containing malicious code are uploaded, an XSS popup window is realized through online viewing.
Ссылки
- ExploitIssue Tracking
- ExploitIssue Tracking
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:publiccms:publiccms:4.0:*:*:*:*:*:*:*
EPSS
Процентиль: 38%
0.00165
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 5.4
github
около 2 лет назад
PublicCMS 4.0 is vulnerable to Cross Site Scripting (XSS). Because files can be uploaded and online preview function is provided, pdf files and html files containing malicious code are uploaded, an XSS popup window is realized through online viewing.
CVSS3: 5.4
fstec
около 2 лет назад
Уязвимость компонента Online Preview CMS-системы PublicCMS, позволяющая нарушителю проводить межсайтовые сценарные атаки
EPSS
Процентиль: 38%
0.00165
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79