CVE-2015-8856

Опубликовано: 23 янв. 2017

Источник: ubuntu

Приоритет: medium

CVSS2: 4.3

CVSS3: 6.1

Описание

Cross-site scripting (XSS) vulnerability in the serve-index package before 1.6.3 for Node.js allows remote attackers to inject arbitrary web script or HTML via a crafted file or directory name.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	ignored	end of standard support, was needed
cosmic	ignored	end of life
devel	not-affected	1.9.1-1
disco	not-affected	1.9.1-1
eoan	not-affected	1.9.1-1
esm-apps/bionic	needed
esm-apps/focal	not-affected	1.9.1-1
esm-apps/jammy	not-affected	1.9.1-1
esm-apps/noble	not-affected	1.9.1-1

Показывать по

Ссылки на источники

4.3 Medium

CVSS2

6.1 Medium

CVSS3

Связанные уязвимости

CVE-2015-8856

CVSS3: 6.1

nvd

около 9 лет назад

Cross-site scripting (XSS) vulnerability in the serve-index package before 1.6.3 for Node.js allows remote attackers to inject arbitrary web script or HTML via a crafted file or directory name.

CVE-2015-8856

CVSS3: 6.1

debian

около 9 лет назад

Cross-site scripting (XSS) vulnerability in the serve-index package be ...

GHSA-v633-x5vv-hqwc

CVSS3: 6.1

github

больше 8 лет назад

Cross-Site Scripting in serve-index

4.3 Medium

CVSS2

6.1 Medium

CVSS3

CVE-2015-8856

Описание

Пакет node-serve-index

Ссылки на источники

Связанные уязвимости