Описание
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. The login functionality contains a reflected cross-site scripting (XSS) vulnerability. This vulnerability is fixed in 5.19.0. Note: This CVE only affects Open Source Edition, and not OpenC3 COSMOS Enterprise Edition.
Уязвимые конфигурации
Конфигурация 1Версия до 5.19.0 (исключая)
cpe:2.3:a:openc3:cosmos:*:*:*:*:open_source:*:*:*
EPSS
Процентиль: 78%
0.0113
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
больше 1 года назад
OpenC3 Cross-site Scripting in Login functionality (`GHSL-2024-128`)
EPSS
Процентиль: 78%
0.0113
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79