← volver
CVE-2013-7351

CVE-2013-7351

EPSS 2.2%
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Shaarli allow remote attackers to inject arbitrary web script or HTML via the URL to the (1) showRSS, (2) showATOM, or (3) showDailyRSS function; a (4) file name to the importFile function; or (5) vectors related to bookmarks.
Productos afectados
Shaarli · Shaarli

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://seclists.org/oss-sec/2014/q2/1http://seclists.org/oss-sec/2014/q2/4https://exchange.xforce.ibmcloud.com/vulnerabilities/92215https://github.com/sebsauvage/Shaarli/commit/53da201749f8f362323ef278bf338f1d9f7a925ahttps://github.com/sebsauvage/Shaarli/issues/134