CVE-2024-0758

Опубликовано: 19 янв. 2024

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

MolecularFaces before 0.3.0 is vulnerable to cross site scripting. A remote attacker can execute arbitrary JavaScript in the context of a victim browser via crafted molfiles.

Ссылки

https://github.com/advisories/GHSA-2pwh-52h7-7j84
Third Party Advisory
https://github.com/ipb-halle/MolecularFaces/security/advisories/GHSA-2pwh-52h7-7j84
Vendor Advisory
https://vulncheck.com/advisories/vc-advisory-GHSA-2pwh-52h7-7j84
Third Party Advisory
US Government Resource
https://github.com/advisories/GHSA-2pwh-52h7-7j84
Third Party Advisory
https://github.com/ipb-halle/MolecularFaces/security/advisories/GHSA-2pwh-52h7-7j84
Vendor Advisory
https://vulncheck.com/advisories/vc-advisory-GHSA-2pwh-52h7-7j84
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ipb-halle:molecularfaces:*:*:*:*:*:*:*:*

Версия до 0.3.0 (исключая)

EPSS

Процентиль: 83%

0.01935

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-2pwh-52h7-7j84