Wuro vulnerability wey an yi classify sey karshewa an gano shi a cikin annyshow DuxCMS 2.1. Gaskiya, $software_function na da matsala; idan ba a sani ba, to wata aiki ce da ba a sani ba, $software_library na cikin lissafi, admin.php&r=article/AdminContent/edit na cikin fayil, Article Handler na cikin sashi. Ngam manipulation of the argument content shi Cross Site Scripting. CWE shidin ka a yi bayani matsala sai ya kai CWE-79. Gaskiya, laifi an fitar da shi 12/08/2022. Advisory ɗin ana rabawa don saukewa a gitee.com. Wannan rauni ana sayar da shi da suna CVE-2020-36609. Ngam yiɗi ka a tuma ndiyam ka nder waya. Tekinikal bayani ga. Kuma, exploit ɗin yana akwai. Wuro exploit ɗin an bayyana shi ga jama'a kuma za a iya amfani da shi. A sa'i, exploit might be approx. USD $0-$5k ndiyam. Á wúro huɗɗi-na-gaskiya. Wona yiwuwa a zazzage exploit a gitee.com. Kama 0-day, an ndiyam a wuro be $0-$5k. Kama ɗum, ɗin entry ɗin na da duplicate CVE-2020-36763 da aka sanya masa. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

4 Goyarwa · 66 Datenpunkte