Описание
OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript as a comment within the Document Check Out functionality. The JavaScript is executed whenever another user views the Action History Log. Fixed in OPEXUS eCASE Platform 11.14.1.0.
Уязвимые конфигурации
Конфигурация 1Версия от 11.4.0 (включая) до 11.14.1.0 (исключая)
cpe:2.3:a:opexustech:ecase_audit:*:*:*:*:*:*:*:*
EPSS
Процентиль: 8%
0.00029
Низкий
5.5 Medium
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 5.5
github
30 дней назад
OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript as a comment within the Document Check Out functionality. The JavaScript is executed whenever another user views the Action History Log. Fixed in OPEXUS eCASE Platform 11.14.1.0.
EPSS
Процентиль: 8%
0.00029
Низкий
5.5 Medium
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-79