Описание
An XSS vulnerability has been discovered in ICS Business Manager affecting version 7.06.0028.7066. A remote attacker could send a specially crafted string exploiting the obdd_act parameter, allowing the attacker to steal an authenticated user's session, and perform actions within the application.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:icssolution:ics_business_manager:7.06.0028.2802:*:*:*:*:*:*:*
cpe:2.3:a:icssolution:ics_business_manager:7.06.0028.7066:*:*:*:*:*:*:*
cpe:2.3:a:icssolution:ics_business_manager:7.06.0028.7089:*:*:*:*:*:*:*
EPSS
Процентиль: 17%
0.00055
Низкий
6.3 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.3
github
около 2 лет назад
An XSS vulnerability has been discovered in ICS Business Manager affecting version 7.06.0028.7066. A remote attacker could send a specially crafted string exploiting the obdd_act parameter, allowing the attacker to steal an authenticated user's session, and perform actions within the application.
EPSS
Процентиль: 17%
0.00055
Низкий
6.3 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79