Количество 3
Количество 3
CVE-2022-37431
A Reflected Cross-site scripting (XSS) issue was discovered in dotCMS Core through 22.06. This occurs in the admin portal when the configuration has XSS_PROTECTION_ENABLED=false. NOTE: the vendor disputes this because the current product behavior, in effect, has XSS_PROTECTION_ENABLED=true in all configurations
GHSA-p76v-jq4p-p3p5
A Reflected Cross-site scripting (XSS) issue was discovered in dotCMS Core through 22.06. This occurs in the admin portal when the configuration has XSS_PROTECTION_ENABLED=false.
BDU:2022-06365
Уязвимость портала администрирования системы управления контентом dotCMS, позволяющая нарушителю осуществлять межсайтовые сценарные атаки
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-37431 A Reflected Cross-site scripting (XSS) issue was discovered in dotCMS Core through 22.06. This occurs in the admin portal when the configuration has XSS_PROTECTION_ENABLED=false. NOTE: the vendor disputes this because the current product behavior, in effect, has XSS_PROTECTION_ENABLED=true in all configurations | CVSS3: 6.1 | 0% Низкий | больше 3 лет назад |
| GHSA-p76v-jq4p-p3p5 A Reflected Cross-site scripting (XSS) issue was discovered in dotCMS Core through 22.06. This occurs in the admin portal when the configuration has XSS_PROTECTION_ENABLED=false. | CVSS3: 6.1 | 0% Низкий | больше 3 лет назад |
 | BDU:2022-06365 Уязвимость портала администрирования системы управления контентом dotCMS, позволяющая нарушителю осуществлять межсайтовые сценарные атаки | CVSS3: 6.1 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу