Описание
Multiple cross-site scripting (XSS) vulnerabilities in Textpattern (aka Txp CMS) 4.0.5 allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to setup/index.php or (2) the name parameter to index.php in the comments preview section.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 4.0.6-3 |
| gutsy | DNE | |
| hardy | ignored | end of life |
| intrepid | not-affected | 4.0.6-2 |
| jaunty | not-affected | 4.0.6-3 |
| karmic | not-affected | 4.0.6-3 |
| lucid | not-affected | 4.0.6-3 |
| maverick | not-affected | 4.0.6-3 |
| natty | not-affected | 4.0.6-3 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Multiple cross-site scripting (XSS) vulnerabilities in Textpattern (aka Txp CMS) 4.0.5 allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to setup/index.php or (2) the name parameter to index.php in the comments preview section.
Multiple cross-site scripting (XSS) vulnerabilities in Textpattern (ak ...
Multiple cross-site scripting (XSS) vulnerabilities in Textpattern (aka Txp CMS) 4.0.5 allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to setup/index.php or (2) the name parameter to index.php in the comments preview section.
EPSS
4.3 Medium
CVSS2