Описание
A Cross-site scripting (XSS) vulnerability in /api_vedo/ in Vedo Suite version 2024.17 allows remote attackers to inject arbitrary Javascript or HTML code and potentially trigger code execution in victim's browser.
Ссылки
- Broken Link
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:vedo_suite_project:vedo_suite:2024.17:*:*:*:*:*:*:*
EPSS
Процентиль: 20%
0.00065
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
6 месяцев назад
A Cross-site scripting (XSS) vulnerability in /api_vedo/ in Vedo Suite version 2024.17 allows remote attackers to inject arbitrary Javascript or HTML code and potentially trigger code execution in victim's browser.
EPSS
Процентиль: 20%
0.00065
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79