Описание
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Shaarli allow remote attackers to inject arbitrary web script or HTML via the URL to the (1) showRSS, (2) showATOM, or (3) showDailyRSS function; a (4) file name to the importFile function; or (5) vectors related to bookmarks.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/xenial | not-affected | 0.0.41betadfsg2-4 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [0.0.41betadfsg2-4]] |
| lucid | DNE | |
| precise | DNE | |
| quantal | DNE | |
| saucy | ignored | end of life |
| trusty | not-affected | 0.0.41betadfsg2-4 |
| trusty/esm | DNE | trusty was not-affected [0.0.41betadfsg2-4] |
| upstream | needed |
Показывать по
EPSS
4.3 Medium
CVSS2
6.1 Medium
CVSS3
Связанные уязвимости
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Shaarli allow remote attackers to inject arbitrary web script or HTML via the URL to the (1) showRSS, (2) showATOM, or (3) showDailyRSS function; a (4) file name to the importFile function; or (5) vectors related to bookmarks.
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Sh ...
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Shaarli allow remote attackers to inject arbitrary web script or HTML via the URL to the (1) showRSS, (2) showATOM, or (3) showDailyRSS function; a (4) file name to the importFile function; or (5) vectors related to bookmarks.
EPSS
4.3 Medium
CVSS2
6.1 Medium
CVSS3