Описание
Sites managed in S@M CMS (Concept Intermedia) might be vulnerable to Reflected XSS via including scripts in one of GET header parameters. Only a part of observed services is vulnerable, but since vendor has not investigated the root problem, it is hard to determine when the issue appears.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.3 (включая)
cpe:2.3:a:conceptintermedia:s\@m_cms:*:*:*:*:*:*:*:*
EPSS
Процентиль: 67%
0.00528
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79
EPSS
Процентиль: 67%
0.00528
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79