exploitDog

CVE-2025-44115

Опубликовано: 02 июн. 2025

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

A vulnerability has been found in Cotonti Siena v0.9.25. Affected by this vulnerability is the file /admin.php?m=config&n=edit&o=core&p=title. The manipulation of the value of title leads to cross-site scripting.

Ссылки

https://gist.github.com/yA0-Z/9666b1a333607381ab8dfcc137f2b65c
Third Party Advisory
https://github.com/Cotonti/Cotonti/issues/1650
Exploit
Issue Tracking
Third Party Advisory
https://github.com/Cotonti/Cotonti/issues/1834
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cotonti:cotonti_siena:0.9.25:*:*:*:*:*:*:*

EPSS

Процентиль: 8%

0.00029

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-7wp3-36m3-58j5

CVSS3: 5.4

github

8 месяцев назад

A vulnerability has been found in Cotonti Siena v0.9.25. Affected by this vulnerability is the file /admin.php?m=config&n=edit&o=core&p=title. The manipulation of the value of title leads to cross-site scripting.

EPSS

Процентиль: 8%

0.00029

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79