Описание
Enhavo v0.13.1 was discovered to contain an HTML injection vulnerability in the Author text field under the Blockquote module. This vulnerability allows attackers to execute arbitrary code via a crafted payload.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:enhavo:enhavo:0.13.1:*:*:*:*:*:*:*
EPSS
Процентиль: 30%
0.00113
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-80
Связанные уязвимости
CVSS3: 5.4
github
почти 2 года назад
Enhavo v0.13.1 was discovered to contain an HTML injection vulnerability in the Author text field under the Blockquote module. This vulnerability allows attackers to execute arbitrary code via a crafted payload.
EPSS
Процентиль: 30%
0.00113
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-80