Количество 3
Количество 3
CVE-2023-38501
copyparty is file server software. Prior to version 1.8.7, the application contains a reflected cross-site scripting via URL-parameter `?k304=...` and `?setck=...`. The worst-case outcome of this is being able to move or delete existing files on the server, or upload new files, using the account of the person who clicks the malicious link. It is recommended to change the passwords of one's copyparty accounts, unless one have inspected one's logs and found no trace of attacks. Version 1.8.7 contains a patch for the issue.
GHSA-f54q-j679-p9hh
copyparty vulnerable to reflected cross-site scripting via k304 parameter
BDU:2023-06643
Уязвимость веб-интерфейса файлового сервера Copyparty, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-38501 copyparty is file server software. Prior to version 1.8.7, the application contains a reflected cross-site scripting via URL-parameter `?k304=...` and `?setck=...`. The worst-case outcome of this is being able to move or delete existing files on the server, or upload new files, using the account of the person who clicks the malicious link. It is recommended to change the passwords of one's copyparty accounts, unless one have inspected one's logs and found no trace of attacks. Version 1.8.7 contains a patch for the issue. | CVSS3: 6.3 | 81% Высокий | больше 2 лет назад |
| GHSA-f54q-j679-p9hh copyparty vulnerable to reflected cross-site scripting via k304 parameter | CVSS3: 6.3 | 81% Высокий | больше 2 лет назад |
 | BDU:2023-06643 Уязвимость веб-интерфейса файлового сервера Copyparty, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS) | CVSS3: 6.1 | 81% Высокий | больше 2 лет назад |
Уязвимостей на страницу