Podatność CVE-2018-19498

Podatność CVE-2018-19498

Publikacja: 2019-03-21

Opis:

Typ:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

Ogólna skala CVSS	Znaczenie	Łatwość wykorzystania
4.3/10	2.9/10	8.6/10

Affected software
Simplenia -> Pages

http://packetstormsecurity.com/files/151466/Pages-For-Bitbucket-Server-2.6.0-Cross-Site-Scripting.html

https://marketplace.atlassian.com/apps/1212525/pages-for-bitbucket-server/version-history

https://seclists.org/bugtraq/2019/Jan/53

https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-037.txt