exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2025-71240

около 2 месяцев назад

SPIP before 4.2.15 allows Cross-Site Scripting (XSS) via crafted content in HTML code tags. The application does not properly verify JavaScript within code tags, allowing an attacker to inject malicious scripts that execute in a victim's browser.

CVSS3: 5.4

EPSS: Низкий

CVE-2025-71240

около 2 месяцев назад

SPIP before 4.2.15 allows Cross-Site Scripting (XSS) via crafted content in HTML code tags. The application does not properly verify JavaScript within code tags, allowing an attacker to inject malicious scripts that execute in a victim's browser.

CVSS3: 5.4

EPSS: Низкий

CVE-2025-71240

около 2 месяцев назад

SPIP before 4.2.15 allows Cross-Site Scripting (XSS) via crafted conte ...

CVSS3: 5.4

EPSS: Низкий

GHSA-3cj5-wr93-33x7

около 2 месяцев назад

SPIP before 4.2.15 allows Cross-Site Scripting (XSS) via crafted content in HTML code tags. The application does not properly verify JavaScript within code tags, allowing an attacker to inject malicious scripts that execute in a victim's browser.

CVSS3: 5.4

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2025-71240 SPIP before 4.2.15 allows Cross-Site Scripting (XSS) via crafted content in HTML code tags. The application does not properly verify JavaScript within code tags, allowing an attacker to inject malicious scripts that execute in a victim's browser.	CVSS3: 5.4	0% Низкий	около 2 месяцев назад
CVE-2025-71240 SPIP before 4.2.15 allows Cross-Site Scripting (XSS) via crafted content in HTML code tags. The application does not properly verify JavaScript within code tags, allowing an attacker to inject malicious scripts that execute in a victim's browser.	CVSS3: 5.4	0% Низкий	около 2 месяцев назад
CVE-2025-71240 SPIP before 4.2.15 allows Cross-Site Scripting (XSS) via crafted conte ...	CVSS3: 5.4	0% Низкий	около 2 месяцев назад
GHSA-3cj5-wr93-33x7 SPIP before 4.2.15 allows Cross-Site Scripting (XSS) via crafted content in HTML code tags. The application does not properly verify JavaScript within code tags, allowing an attacker to inject malicious scripts that execute in a victim's browser.	CVSS3: 5.4	0% Низкий	около 2 месяцев назад

Уязвимостей на страницу