Описание
Sites managed in S@M CMS (Concept Intermedia) might be vulnerable to Reflected XSS via including scripts in requested file names. Only a part of observed services is vulnerable, but since vendor has not investigated the root problem, it is hard to determine when the issue appears.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.3 (включая)
cpe:2.3:a:conceptintermedia:s\@m_cms:*:*:*:*:*:*:*:*
EPSS
Процентиль: 62%
0.00423
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79
EPSS
Процентиль: 62%
0.00423
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79