exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 2

CVE-2024-38364

больше 1 года назад

DSpace is an open source software is a turnkey repository application used by more than 2,000 organizations and institutions worldwide to provide durable access to digital resources. In DSpace 7.0 through 7.6.1, when an HTML, XML or JavaScript Bitstream is downloaded, the user's browser may execute any embedded JavaScript. If that embedded JavaScript is malicious, there is a risk of an XSS attack. This vulnerability has been patched in version 7.6.2.

CVSS3: 2.6

EPSS: Низкий

GHSA-94cc-xjxr-pwvf

больше 1 года назад

DSpace Cross Site Scripting (XSS) via a deposited HTML/XML document

CVSS3: 2.6

EPSS: Низкий

Уязвимостей на страницу

	Уязвимость	CVSS	EPSS	Опубликовано
	CVE-2024-38364 DSpace is an open source software is a turnkey repository application used by more than 2,000 organizations and institutions worldwide to provide durable access to digital resources. In DSpace 7.0 through 7.6.1, when an HTML, XML or JavaScript Bitstream is downloaded, the user's browser may execute any embedded JavaScript. If that embedded JavaScript is malicious, there is a risk of an XSS attack. This vulnerability has been patched in version 7.6.2.	CVSS3: 2.6	0% Низкий	больше 1 года назад
	GHSA-94cc-xjxr-pwvf DSpace Cross Site Scripting (XSS) via a deposited HTML/XML document	CVSS3: 2.6	0% Низкий	больше 1 года назад

Уязвимостей на страницу