Опубликовано: 26 мар. 2019
Источник: ubuntu
Приоритет: medium
EPSS Средний
CVSS2: 3.5
CVSS3: 5.4
Описание
In Drupal 7 versions prior to 7.65; Drupal 8.6 versions prior to 8.6.13;Drupal 8.5 versions prior to 8.5.14. Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting (XSS) vulnerability.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-apps/xenial | needed | |
| esm-infra-legacy/trusty | needed | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | DNE | |
| hirsute | DNE | |
| impish | DNE | |
| jammy | DNE |
Показывать по
10
EPSS
Процентиль: 98%
0.58104
Средний
3.5 Low
CVSS2
5.4 Medium
CVSS3
Связанные уязвимости
CVSS3: 5.4
nvd
около 6 лет назад
In Drupal 7 versions prior to 7.65; Drupal 8.6 versions prior to 8.6.13;Drupal 8.5 versions prior to 8.5.14. Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting (XSS) vulnerability.
CVSS3: 5.4
debian
около 6 лет назад
In Drupal 7 versions prior to 7.65; Drupal 8.6 versions prior to 8.6.1 ...
EPSS
Процентиль: 98%
0.58104
Средний
3.5 Low
CVSS2
5.4 Medium
CVSS3