Vulnerabilidades en unclebob

6 resultados

CVE-2024-28125CRITICALFitNesse all releases allows a remote authenticated attacker to execute arbitrary OS commands. Note: A contributor of FitNesse has claimed tEPSS 1.0%CVE-2024-28039MEDIUMImproper restriction of XML external entity references vulnerability exists in FitNesse all releases, which allows a remote unauthenticated EPSS 0.7%CVE-2024-42499MEDIUMImproper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in FitNesse releases prior to 20241026. If this EPSS 0.6%CVE-2024-23604MEDIUMCross-site scripting vulnerability exists in FitNesse all releases, which may allow a remote unauthenticated attacker to execute an arbitrarEPSS 0.6%CVE-2024-28128MEDIUMCross-site scripting vulnerability exists in FitNesse releases prior to 20220319, which may allow a remote unauthenticated attacker to execuEPSS 0.6%CVE-2024-39610MEDIUMCross-site scripting vulnerability exists in FitNesse releases prior to 20241026. If this vulnerability is exploited, an arbitrary script maEPSS 0.4%