CVE-2023-6142 in Dev Blog정보

요약

\~에 의해 MITRE • 2023. 11. 21.

Dev blog v1.0 allows to exploit an XSS through an unrestricted file upload, together with a bad entropy of filenames. With this an attacker can upload a malicious HTML file, then guess the filename of the uploaded file and send it to a potential victim.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

책임이 있는

Fluid Attacks

예약하다

2023. 11. 14.

모더레이션

수락

항목

VDB-245860

EPSS

0.00425

부문

Education

출처

Do you know our Splunk app?

Download it now for free!