Описание
Lucee 5.4.2.17 contains a reflected cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through administrative interface parameters. Attackers can craft specific payloads targeting admin pages like server.cfm and web.cfm to execute arbitrary JavaScript in victim's browser sessions.
EPSS
Процентиль: 18%
0.00057
Низкий
Дефекты
CWE-79
Связанные уязвимости
github
около 2 месяцев назад
Lucee 5.4.2.17 contains a reflected cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through administrative interface parameters. Attackers can craft specific payloads targeting admin pages like server.cfm and web.cfm to execute arbitrary JavaScript in victim's browser sessions.
EPSS
Процентиль: 18%
0.00057
Низкий
Дефекты
CWE-79