Wuro vulnerability wey an yi classify sey karshewa an gano shi a cikin JmPotato Pomash. Gaskiya, $software_function na da matsala; idan ba a sani ba, to wata aiki ce da ba a sani ba, $software_library na cikin lissafi, Pomash/theme/clean/templates/editor.html na cikin fayil, $software_component na cikin sashi. Ngam manipulation of the argument article.title/content.title/article.tag shi Cross Site Scripting. CWE shidin ka a yi bayani matsala sai ya kai CWE-79. Gaskiya, laifi an fitar da shi 12/28/2022 a matsayin be1914ef0a6808e00f51618b2de92496a3604415. Advisory ɗin ana rabawa don saukewa a github.com. Wannan rauni ana sayar da shi da suna CVE-2018-25051. Ngam yiɗi ka a tuma ndiyam ka nder internet. Tekinikal bayani ga. Ba exploit ɗin da ake da shi. A sa'i, exploit might be approx. USD $0-$5k ndiyam. Á wúro a wondi feere. Kama 0-day, an ndiyam a wuro be $0-$5k. Patch ɗin sunan ganowa shine be1914ef0a6808e00f51618b2de92496a3604415. Gyaran matsalar yana nan a shirye don saukewa a github.com. Ana so a yi patch don gyara wannan matsala. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

3 Goyarwa · 64 Datenpunkte