Описание
Input provided in a field containing "activationMessage" in Konsola Proget is not sanitized correctly, allowing a high-privileged user to perform a Stored Cross-Site Scripting attack.
This issue has been fixed in 2.17.5 version of Konsola Proget (server part of the MDM suite).
EPSS
Процентиль: 12%
0.00042
Низкий
Дефекты
CWE-79
Связанные уязвимости
github
9 месяцев назад
Input provided in a field containing "activationMessage" in Konsola Proget is not sanitized correctly, allowing a high-privileged user to perform a Stored Cross-Site Scripting attack. This issue has been fixed in 2.17.5 version of Konsola Proget (server part of the MDM suite).
EPSS
Процентиль: 12%
0.00042
Низкий
Дефекты
CWE-79