Количество 3
Количество 3
CVE-2019-25264
Snipe-IT 4.7.5 contains a persistent cross-site scripting vulnerability that allows authorized users to upload malicious SVG files with embedded JavaScript. Attackers can craft SVG files with script tags to execute arbitrary JavaScript when the accessory is viewed by other users.
CVE-2019-25264
Snipe-IT 4.7.5 contains a persistent cross-site scripting vulnerabilit ...
GHSA-h4wj-v9vp-683h
Snipe-IT 4.7.5 contains a persistent cross-site scripting vulnerability that allows authorized users to upload malicious SVG files with embedded JavaScript. Attackers can craft SVG files with script tags to execute arbitrary JavaScript when the accessory is viewed by other users.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-25264 Snipe-IT 4.7.5 contains a persistent cross-site scripting vulnerability that allows authorized users to upload malicious SVG files with embedded JavaScript. Attackers can craft SVG files with script tags to execute arbitrary JavaScript when the accessory is viewed by other users. | CVSS3: 6.4 | 0% Низкий | 5 месяцев назад |
| CVE-2019-25264 Snipe-IT 4.7.5 contains a persistent cross-site scripting vulnerabilit ... | CVSS3: 6.4 | 0% Низкий | 5 месяцев назад |
| GHSA-h4wj-v9vp-683h Snipe-IT 4.7.5 contains a persistent cross-site scripting vulnerability that allows authorized users to upload malicious SVG files with embedded JavaScript. Attackers can craft SVG files with script tags to execute arbitrary JavaScript when the accessory is viewed by other users. | CVSS3: 6.4 | 0% Низкий | 5 месяцев назад |
Уязвимостей на страницу