Описание
A vulnerability classified as problematic has been found in renrenio renren-security up to 5.4.0. This affects an unknown part of the component JSON Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Ссылки
- Exploit
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Exploit
Уязвимые конфигурации
Конфигурация 1Версия до 5.4.0 (включая)
cpe:2.3:a:renrenio:renren-security:*:*:*:*:*:*:*:*
EPSS
Процентиль: 30%
0.0011
Низкий
3.5 Low
CVSS3
5.4 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 3.5
github
10 месяцев назад
A vulnerability classified as problematic has been found in renrenio renren-security up to 5.4.0. This affects an unknown part of the component JSON Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
EPSS
Процентиль: 30%
0.0011
Низкий
3.5 Low
CVSS3
5.4 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-79