Описание
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in the SonicOS SSLVPN portal allows a remote authenticated attacker as a firewall 'admin' user to store and execute arbitrary JavaScript code.
EPSS
Процентиль: 42%
0.00199
Низкий
8.3 High
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 8.3
github
почти 2 года назад
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in the SonicOS SSLVPN portal allows a remote authenticated attacker as a firewall 'admin' user to store and execute arbitrary JavaScript code.
EPSS
Процентиль: 42%
0.00199
Низкий
8.3 High
CVSS3
Дефекты
CWE-79