Опубликовано: 21 янв. 2022
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 3.5
CVSS3: 5.4
Описание
Cross site scripting (XSS) vulnerability in spotweb 1.4.9, allows authenticated attackers to execute arbitrary code via crafted GET request to the login page.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| focal | ignored | end of standard support, was needs-triage |
| trusty | ignored | end of standard support |
| upstream | needs-triage | |
| xenial | ignored | end of standard support |
Показывать по
10
EPSS
Процентиль: 50%
0.00271
Низкий
3.5 Low
CVSS2
5.4 Medium
CVSS3
Связанные уязвимости
CVSS3: 5.4
nvd
около 4 лет назад
Cross site scripting (XSS) vulnerability in spotweb 1.4.9, allows authenticated attackers to execute arbitrary code via crafted GET request to the login page.
CVSS3: 5.4
debian
около 4 лет назад
Cross site scripting (XSS) vulnerability in spotweb 1.4.9, allows auth ...
github
около 4 лет назад
Cross site scripting (XSS) vulnerability in spotweb 1.4.9, allows authenticated attackers to execute arbitrary code via crafted GET request to the login page.
EPSS
Процентиль: 50%
0.00271
Низкий
3.5 Low
CVSS2
5.4 Medium
CVSS3