Описание
Cross-site scripting vulnerability exists in FitNesse releases prior to 20220319, which may allow a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product and accessing a link with a specially crafted certain parameter.
Ссылки
- ProductRelease Notes
- Product
- Product
- Third Party Advisory
- ProductRelease Notes
- Product
- Product
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 20220319 (исключая)
cpe:2.3:a:cleancoder:fitnesse:*:*:*:*:*:*:*:*
EPSS
Процентиль: 50%
0.00266
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
EPSS
Процентиль: 50%
0.00266
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79