Описание
A non-administrative user can upload malicious files. When an administrator or the product accesses that file, an arbitrary script may be executed on the administrator's browser. Note that Movable Type 7 series and 8.4 series, which are End-of-Life (EOL), are affected by the vulnerability as well.
EPSS
Процентиль: 1%
0.00011
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-434
Связанные уязвимости
CVSS3: 6.5
debian
4 дня назад
A non-administrative user can upload malicious files. When an administ ...
CVSS3: 6.5
github
4 дня назад
A non-administrative user can upload malicious files. When an administrator or the product accesses that file, an arbitrary script may be executed on the administrator's browser. Note that Movable Type 7 series and 8.4 series, which are End-of-Life (EOL), are affected by the vulnerability as well.
EPSS
Процентиль: 1%
0.00011
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-434