← voltar
CVE-2013-7351

CVE-2013-7351

EPSS 2.2%
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Shaarli allow remote attackers to inject arbitrary web script or HTML via the URL to the (1) showRSS, (2) showATOM, or (3) showDailyRSS function; a (4) file name to the importFile function; or (5) vectors related to bookmarks.
Produtos afetados
Shaarli · Shaarli

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://seclists.org/oss-sec/2014/q2/1http://seclists.org/oss-sec/2014/q2/4https://exchange.xforce.ibmcloud.com/vulnerabilities/92215https://github.com/sebsauvage/Shaarli/commit/53da201749f8f362323ef278bf338f1d9f7a925ahttps://github.com/sebsauvage/Shaarli/issues/134