Описание
A cross-site scripting (XSS) vulnerability in the Article module of SPIP v4.3.3 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Title parameter.
Ссылки
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:spip:spip:4.3.3:*:*:*:*:*:*:*
EPSS
Процентиль: 24%
0.00082
Низкий
4.8 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 4.8
ubuntu
около 1 года назад
A cross-site scripting (XSS) vulnerability in the Article module of SPIP v4.3.3 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Title parameter.
CVSS3: 4.8
debian
около 1 года назад
A cross-site scripting (XSS) vulnerability in the Article module of SP ...
CVSS3: 4.8
github
около 1 года назад
A cross-site scripting (XSS) vulnerability in the Article module of SPIP v4.3.3 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Title parameter.
EPSS
Процентиль: 24%
0.00082
Низкий
4.8 Medium
CVSS3
Дефекты
CWE-79