Описание
Cross-site scripting (XSS) vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the newpassword2 parameter.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | |
| devel | DNE | |
| esm-apps/bionic | not-affected | |
| esm-apps/focal | not-affected | |
| esm-infra-legacy/trusty | DNE | |
| focal | not-affected | |
| hirsute | DNE | |
| impish | DNE | |
| jammy | DNE | |
| trusty | ignored | end of standard support |
Показывать по
4.3 Medium
CVSS2
6.1 Medium
CVSS3
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the newpassword2 parameter.
Cross-site scripting (XSS) vulnerability in templates/installer/step-0 ...
Cross-site scripting (XSS) vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the newpassword2 parameter.
4.3 Medium
CVSS2
6.1 Medium
CVSS3