exploitDog

CVE-2024-30845

Опубликовано: 12 апр. 2024

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

Cross Site Scripting vulnerability in Rainbow external link network disk v.5.5 allows a remote attacker to execute arbitrary code via the validation component of the input parameters.

Ссылки

https://gist.github.com/Zshan7que/c813f2b52daab08c9fb4f6c6b8178b66
Third Party Advisory
https://github.com/netcccyun/pan/issues/6
Exploit
https://gist.github.com/Zshan7que/c813f2b52daab08c9fb4f6c6b8178b66
Third Party Advisory
https://github.com/netcccyun/pan/issues/6
Exploit

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:rainbow_external_link_network_disk_project:rainbow_external_link_network_disk:5.5:*:*:*:*:*:*:*

EPSS

Процентиль: 48%

0.00249

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-94

Связанные уязвимости

GHSA-2cmg-2xg7-5x37

CVSS3: 6.1

github

больше 1 года назад

Cross Site Scripting vulnerability in Rainbow external link network disk v.5.5 allows a remote attacker to execute arbitrary code via the validation component of the input parameters.

EPSS

Процентиль: 48%

0.00249

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-94