Description
Claris FileMaker Server before version 20.3.2 was susceptible to a reflected Cross-Site Scripting vulnerability due to an improperly handled parameter in the FileMaker WebDirect login endpoint. The vulnerability was resolved in FileMaker Server 20.3.2 by escaping the HTML contents of the login error message on the login page.
Vulnerable configurations
Configuration 1: Versions before 20.3.2 (exclusive)
cpe:2.3:a:claris:filemaker_server:*:*:*:*:*:*:*:*
EPSS
Percentile: 71%
0.00681
Low
6.1 Medium
CVSS3
4.3 Medium
CVSS3
Weaknesses
CWE-79
Related vulnerabilities
CVSS3: 4.3
github
almost 2 years ago
Claris FileMaker Server before version 20.3.2 was susceptible to a reflected Cross-Site Scripting vulnerability due to an improperly handled parameter in the FileMaker WebDirect login endpoint. The vulnerability was resolved in FileMaker Server 20.3.2 by escaping the HTML contents of the login error message on the login page.