Описание
Cross-site scripting vulnerability exists in Group Office prior to v6.6.182, prior to v6.7.64 and prior to v6.8.31, which may allow a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product.
Ссылки
- Product
- Third Party Advisory
- Product
- Product
- Third Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1Версия до 6.6.182 (исключая)Версия от 6.7.0 (включая) до 6.7.64 (исключая)Версия от 6.8.0 (включая) до 6.8.31 (исключая)
Одно из
cpe:2.3:a:group-office:group_office:*:*:*:*:*:*:*:*
cpe:2.3:a:group-office:group_office:*:*:*:*:*:*:*:*
cpe:2.3:a:group-office:group_office:*:*:*:*:*:*:*:*
EPSS
Процентиль: 42%
0.00202
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 5.4
github
около 2 лет назад
Cross-site scripting vulnerability exists in Group Office prior to v6.6.182, prior to v6.7.64 and prior to v6.8.31, which may allow a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product.
EPSS
Процентиль: 42%
0.00202
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79