Количество 2
Количество 2
CVE-2017-6905
An issue was discovered in concrete5 <= 5.6.3.4. The vulnerability exists due to insufficient filtration of user-supplied data (disable_choose) passed to the "concrete5-legacy-master/web/concrete/tools/files/search_dialog.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
GHSA-5v8q-gjmf-rmm4
An issue was discovered in concrete5 <= 5.6.3.4. The vulnerability exists due to insufficient filtration of user-supplied data (disable_choose) passed to the "concrete5-legacy-master/web/concrete/tools/files/search_dialog.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2017-6905 An issue was discovered in concrete5 <= 5.6.3.4. The vulnerability exists due to insufficient filtration of user-supplied data (disable_choose) passed to the "concrete5-legacy-master/web/concrete/tools/files/search_dialog.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | CVSS3: 6.1 | 0% Низкий | почти 9 лет назад |
| GHSA-5v8q-gjmf-rmm4 An issue was discovered in concrete5 <= 5.6.3.4. The vulnerability exists due to insufficient filtration of user-supplied data (disable_choose) passed to the "concrete5-legacy-master/web/concrete/tools/files/search_dialog.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website. | CVSS3: 6.1 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу