exploitDog

CVE-2024-9198

Опубликовано: 26 сент. 2024

Источник: nvd

CVSS3: 7.6

CVSS3: 5.4

EPSS Низкий

Описание

Vulnerability in Clibo Manager v1.1.9.1 that could allow an attacker to execute an stored Cross-Site Scripting (stored XSS ) by uploading a malicious .svg image in the section: Profile > Profile picture.

Ссылки

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-clibo-manager
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:clibomanager:clibo_manager:1.1.9.1:*:*:*:*:*:*:*

EPSS

Процентиль: 59%

0.00379

Низкий

7.6 High

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-7669-g6x3-vc23

CVSS3: 7.6

github

больше 1 года назад

Vulnerability in Clibo Manager v1.1.9.1 that could allow an attacker to execute an stored Cross-Site Scripting (stored XSS ) by uploading a malicious .svg image in the section: Profile > Profile picture.

EPSS

Процентиль: 59%

0.00379

Низкий

7.6 High

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-79