CVE-2016-7146

Опубликовано: 10 нояб. 2016

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 4.3

CVSS3: 6.1

Описание

MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injection" attacks by using the "page creation or crafted URL" approach, related to a "Cross Site Scripting (XSS)" issue affecting the action=fckdialog&dialog=attachment (via page name) component.

Релиз	Статус	Примечание
devel	released	1.9.8-1ubuntu2
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was released [1.9.7-1ubuntu2.1]]
esm-infra/xenial	released	1.9.8-1ubuntu1.16.04.1
precise	released	1.9.3-1ubuntu2.3
trusty	released	1.9.7-1ubuntu2.1
trusty/esm	DNE	trusty was released [1.9.7-1ubuntu2.1]
upstream	released	1.9.9
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	released	1.9.8-1ubuntu1.16.04.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 48%

0.0025

Низкий

4.3 Medium

CVSS2

6.1 Medium

CVSS3

Связанные уязвимости

CVE-2016-7146

CVSS3: 6.1

nvd

около 9 лет назад

CVE-2016-7146

CVSS3: 6.1

debian

около 9 лет назад

MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injectio ...

GHSA-fj26-q4vh-85f6

CVSS3: 6.1

github

больше 3 лет назад

MoinMoin Cross-site Scripting (XSS) vulnerability

EPSS

Процентиль: 48%

0.0025

Низкий

4.3 Medium

CVSS2

6.1 Medium

CVSS3

CVE-2016-7146

Описание

Пакет moin

Ссылки на источники

Связанные уязвимости