CVE-2024-2247

Опубликовано: 13 мар. 2024

Источник: nvd

CVSS3: 8.8

CVSS3: 6.1

EPSS Низкий

Описание

JFrog Artifactory versions below 7.77.7, 7.82.1, are vulnerable to DOM-based cross-site scripting due to improper handling of the import override mechanism.

Ссылки

https://jfrog.com/help/r/jfrog-release-information/jfrog-security-advisories
Vendor Advisory
https://jfrog.com/help/r/jfrog-release-information/jfrog-security-advisories
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:-:*:*

Версия до 7.77.7 (включая)

EPSS

Процентиль: 85%

0.02607

Низкий

8.8 High

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-gqg8-h7gm-47hq

CVSS3: 8.8

github

почти 2 года назад

JFrog Artifactory versions below 7.77.7, are vulnerable to DOM-based cross-site scripting due to improper handling of the import override mechanism.

EPSS

Процентиль: 85%

0.02607

Низкий

8.8 High

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-79