Описание
Cross-site scripting (XSS) vulnerability in the cgi_puts function in cgi-bin/template.c in the template engine in CUPS before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter to help/.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2.0.2-3ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1.7.2-0ubuntu1.6]] |
| precise | released | 1.5.3-0ubuntu8.7 |
| trusty | released | 1.7.2-0ubuntu1.6 |
| trusty/esm | DNE | trusty was released [1.7.2-0ubuntu1.6] |
| upstream | needs-triage | |
| utopic | released | 1.7.5-3ubuntu3.2 |
| vivid | released | 2.0.2-1ubuntu3.1 |
| vivid/stable-phone-overlay | released | 2.0.2-1ubuntu3.1 |
| vivid/ubuntu-core | DNE |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in the cgi_puts function in cgi-bin/template.c in the template engine in CUPS before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter to help/.
Cross-site scripting (XSS) vulnerability in the cgi_puts function in cgi-bin/template.c in the template engine in CUPS before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter to help/.
Cross-site scripting (XSS) vulnerability in the cgi_puts function in c ...
Cross-site scripting (XSS) vulnerability in the cgi_puts function in cgi-bin/template.c in the template engine in CUPS before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter to help/.
Уязвимость функции cgi_puts сервера печати CUPS, позволяющая нарушителю внедрить произвольный JavaScript- или HTML-код в формируемые страницы веб-интерфейса
EPSS
4.3 Medium
CVSS2