CVE-2019-10779 in stroom-app정보

요약

\~에 의해 MITRE

All versions of stroom:stroom-app before 5.5.12 and all versions of the 6.0.0 branch before 6.0.25 are affected by Cross-site Scripting. An attacker website is able to load the Stroom UI into a hidden iframe. Using that iframe, the attacker site can issue commands to the Stroom UI via an XSS vulnerability to take full control of the Stroom UI on behalf of the logged-in user.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

예약하다

2019. 04. 03.

모더레이션

수락

항목

VDB-149422

CPE

준비됨

CWE

CWE-79 (확인됨)

CVSS

6.1 (NVD)

EPSS

0.00293

KEV

아니요

활동

매우 낮음

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2019-10779
NVD	https://nvd.nist.gov/vuln/detail/CVE-2019-10779
CVE Details	https://www.cvedetails.com/cve/CVE-2019-10779/

◂ 이전 개요 다음 ▸

Interested in the pricing of exploits?

See the underground prices here!