CVE-2016-4875 in Geeklogالمعلومات

الملخص

بحسب MITRE

Multiple cross-site scripting (XSS) vulnerabilities in the IVYWE (1) Assist plugin before 1.1.2.test20160906, (2) dataBox plugin before 0.0.0.20160906, and (3) userBox plugin before 0.0.0.20160906 for Geeklog allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

حجز

17/05/2016

إفشاء

14/04/2017

الاعتدال

تمت الموافقة

إدخال

VDB-99880

CPE

جاهز

CWE

CWE-79 (مؤكد)

CVSS

6.1 (NVD)

EPSS

0.00601

KEV

لا

النشاطات

منخفض جدًا

القطاع

Education

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-4875
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-4875
CVE Details	https://www.cvedetails.com/cve/CVE-2016-4875/

التالي ▸نظرة عامة ◂ السابق

Do you need the next level of professionalism?

Upgrade your account now!