CVE-2019-10904

MEDIUM6.1EPSS 0.60%

Moderate severity vulnerability that affects roundup

發布日:2019/4/9修改日:2024/10/21
也稱為:GHSA-926q-wxr6-3crqDEBIAN-CVE-2019-10904DLA-1750-1PYSEC-2019-201

描述

Roundup 1.6 allows XSS via the URI because frontends/roundup.cgi and roundup/cgi/wsgi_handler.py mishandle 404 errors.

受影響套件(3)

CVSS 分數

來源版本嚴重程度向量
osvCVSS 3.1MEDIUM6.1CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

參考連結(10)