Описание
An HTML injection vulnerability exists where an authenticated, remote attacker with administrator privileges on the Security Center application could modify Repository parameters, which could lead to HTML redirection attacks.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 6.3.0 (исключая)
cpe:2.3:a:tenable:security_center:*:*:*:*:*:*:*:*
EPSS
Процентиль: 33%
0.00133
Низкий
5.9 Medium
CVSS3
4.8 Medium
CVSS3
Дефекты
CWE-20
CWE-79
Связанные уязвимости
CVSS3: 5.9
github
почти 2 года назад
An HTML injection vulnerability exists where an authenticated, remote attacker with administrator privileges on the Security Center application could modify Repository parameters, which could lead to HTML redirection attacks.
EPSS
Процентиль: 33%
0.00133
Низкий
5.9 Medium
CVSS3
4.8 Medium
CVSS3
Дефекты
CWE-20
CWE-79