Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-1000998

Опубликовано: 04 фев. 2019
Источник: ubuntu
Приоритет: medium
CVSS2: 4.3
CVSS3: 6.1

Описание

FreeBSD CVSweb version 2.x contains a Cross Site Scripting (XSS) vulnerability in all pages that can result in limited impact--CVSweb is anonymous & read-only. It might impact other sites on same domain. This attack appears to be exploitable via victim must load specially crafted url. This vulnerability appears to have been fixed in 3.x.

РелизСтатусПримечание
bionic

not-affected

3:3.0.6-8
devel

not-affected

esm-apps/bionic

not-affected

3:3.0.6-8
esm-apps/focal

not-affected

esm-apps/jammy

not-affected

esm-apps/xenial

not-affected

3:3.0.6-8
esm-infra-legacy/trusty

DNE

focal

not-affected

groovy

not-affected

hirsute

not-affected

Показывать по

Ссылки на источники

4.3 Medium

CVSS2

6.1 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2018-1000998

CVSS3: 6.1
nvd
около 7 лет назад

FreeBSD CVSweb version 2.x contains a Cross Site Scripting (XSS) vulnerability in all pages that can result in limited impact--CVSweb is anonymous & read-only. It might impact other sites on same domain. This attack appears to be exploitable via victim must load specially crafted url. This vulnerability appears to have been fixed in 3.x.

debian логотип

CVE-2018-1000998

CVSS3: 6.1
debian
около 7 лет назад

FreeBSD CVSweb version 2.x contains a Cross Site Scripting (XSS) vulne ...

github логотип

GHSA-mxq7-h42w-wh9g

CVSS3: 6.1
github
больше 3 лет назад

FreeBSD CVSweb version 2.x contains a Cross Site Scripting (XSS) vulnerability in all pages that can result in limited impact--CVSweb is anonymous & read-only. It might impact other sites on same domain. This attack appears to be exploitable via victim must load specially crafted url. This vulnerability appears to have been fixed in 3.x.

4.3 Medium

CVSS2

6.1 Medium

CVSS3

Уязвимость CVE-2018-1000998