CVSS Score 7.2 Critical

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality Impact

Low

Integrity Impact

Low

Availability Impact

None

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

CWE

CWE-79

Description

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Sign in and get help with:

  • Vulnerability details for your components
  • Affected components
  • Affected versions
Sign In