Количество 2
Количество 2
CVE-2021-27912
больше 4 лет назад
Mautic versions before 3.3.4/4.0.0 are vulnerable to an inline JS XSS attack when viewing Mautic assets by utilizing inline JS in the title and adding a broken image URL as a remote asset. This can only be leveraged by an authenticated user with permission to create or edit assets.
CVSS3: 7.1
EPSS: Низкий
GHSA-rh5w-82wh-jhr8
больше 4 лет назад
XSS vulnerability on asset view
CVSS3: 7.1
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-27912 Mautic versions before 3.3.4/4.0.0 are vulnerable to an inline JS XSS attack when viewing Mautic assets by utilizing inline JS in the title and adding a broken image URL as a remote asset. This can only be leveraged by an authenticated user with permission to create or edit assets. | CVSS3: 7.1 | 1% Низкий | больше 4 лет назад |
| GHSA-rh5w-82wh-jhr8 XSS vulnerability on asset view | CVSS3: 7.1 | 1% Низкий | больше 4 лет назад |
Уязвимостей на страницу
20