Описание
Cross-site scripting (XSS) vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to inject arbitrary web script or HTML via the "Max allowance" field in the "Set limit" form.
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-79
https://bugzilla.redhat.com/show_bug.cgi?id=998606cumin: non-persistent XSS possible due to not escaping set limit form input
EPSS
Процентиль: 53%
0.00296
Низкий
4.3 Medium
CVSS2
Связанные уязвимости
nvd
около 12 лет назад
Cross-site scripting (XSS) vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to inject arbitrary web script or HTML via the "Max allowance" field in the "Set limit" form.
github
больше 3 лет назад
Cross-site scripting (XSS) vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to inject arbitrary web script or HTML via the "Max allowance" field in the "Set limit" form.
EPSS
Процентиль: 53%
0.00296
Низкий
4.3 Medium
CVSS2