CVE-2017-16807

MEDIUM5.4EPSS 0.13%

Kirby XSS Vulnerability

發布日:2022/5/14修改日:2023/11/8
也稱為:GHSA-275c-v3rc-xghx

描述

A cross-site Scripting (XSS) vulnerability in Kirby Panel before 2.3.3, 2.4.x before 2.4.2, and 2.5.x before 2.5.7 exists when displaying a specially prepared SVG document that has been uploaded as a content file.

受影響套件(1)

CVSS 分數

來源版本嚴重程度向量
osvCVSS 3.1MEDIUM5.4CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

參考連結(4)