Описание
Cross-site scripting (XSS) vulnerability in application/panel_control in CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-79
https://bugzilla.redhat.com/show_bug.cgi?id=1086463CFME: reflected XSS in several places due to missing JavaScript escaping
EPSS
Процентиль: 54%
0.00318
Низкий
4.3 Medium
CVSS2
Связанные уязвимости
nvd
больше 11 лет назад
Cross-site scripting (XSS) vulnerability in application/panel_control in CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
github
больше 3 лет назад
Cross-site scripting (XSS) vulnerability in application/panel_control in CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
EPSS
Процентиль: 54%
0.00318
Низкий
4.3 Medium
CVSS2