glb Meetup Tag Extension 0.1 ka MediaWiki Link Attribute
| CVSS Meta Temp Score | Garga na exploit ndiyam (≈) | CTI Nganji Score |
|---|---|---|
| 4.1 | $0-$5k | 0.00 |
Gunduma
Wuro vulnerability wey an yi classify sey karshewa an gano shi a cikin glb Meetup Tag Extension 0.1 on MediaWiki. Gaskiya, $software_function na da matsala; idan ba a sani ba, to wata aiki ce da ba a sani ba, $software_library na cikin lissafi, $software_file na cikin fayil, Link Attribute Handler na cikin sashi. Ngam manipulation shi an unknown weakness. Wannan rauni ana sayar da shi da suna CVE-2018-25089. Ba exploit ɗin da ake da shi. Ngamdi ka a yiɗi a ɗaɓɓita kompona wey ka a hokkata. If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Furɗe
Wuro vulnerability wey an yi classify sey karshewa an gano shi a cikin glb Meetup Tag Extension 0.1 on MediaWiki. Gaskiya, $software_function na da matsala; idan ba a sani ba, to wata aiki ce da ba a sani ba, $software_library na cikin lissafi, $software_file na cikin fayil, Link Attribute Handler na cikin sashi. Ngam manipulation shi an unknown weakness. CWE shidin ka a yi bayani matsala sai ya kai CWE-1022. Gaskiya, laifi an fitar da shi 02/22/2018 a matsayin 850c726d6bbfe0bf270801fbb92a30babea4155c. Advisory ɗin ana rabawa don saukewa a github.com.
Wannan rauni ana sayar da shi da suna CVE-2018-25089. Tekinikal bayani ba ga. Wannan vulnerability ɗin ba shi da yawa sosai. Ba exploit ɗin da ake da shi. Yimbe ndiyam, exploit might be approx. USD $0-$5k wuro.
Á wúro a wondi feere. Kama 0-day, an ndiyam a wuro be $0-$5k.
Patch ɗin sunan ganowa shine 850c726d6bbfe0bf270801fbb92a30babea4155c. Za a iya sauke maganin matsalar daga github.com. Ngamdi ka a yiɗi a ɗaɓɓita kompona wey ka a hokkata. Advisory ɗin nan na da wannan bayanin:
"Reverse Tabnabbing" is an attack where a page linked from the target page is able to rewrite that page; the vulnerability is opened by use of the `target="_blank"` link attribute. Removed `target="_blank"` an
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Kayan
Ngilabe
Sunu
Furɗe
Laisens
CPE 2.3
CPE 2.2
CVSSv4
VulDB Furɗo: 🔍VulDB Gaskiya: 🔍
CVSSv3
VulDB Meta Base Score: 4.1VulDB Meta Temp Score: 4.1
VulDB Ganda Borno: 3.5
VulDB Temp Score: 3.4
VulDB Furɗo: 🔍
VulDB Gaskiya: 🔍
NVD Ganda Borno: 5.3
NVD Furɗo: 🔍
CNA Ganda Borno: 3.5
CNA Furɗo (VulDB): 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vektar | Kumpleksiti | Authentisierung | Kariyandi | Gaskiya | Gashina |
|---|---|---|---|---|---|
| furu | furu | furu | furu | furu | furu |
| furu | furu | furu | furu | furu | furu |
| furu | furu | furu | furu | furu | furu |
VulDB Ganda Borno: 🔍
VulDB Temp Score: 🔍
VulDB Gaskiya: 🔍
NVD Ganda Borno: 🔍
Gargajiya
Klasu: Boro-boroCWE: CWE-1022 / CWE-266
CAPEC: 🔍
ATT&CK: 🔍
Fizikal: Ayi
Gumti: Ayi
Gana: Ee
Gashina: 🔍
Halitta: A wondi feere
EPSS Score: 🔍
EPSS Percentile: 🔍
Furɗo farashi: 🔍
Gaskiya farashi ndiyam: 🔍
| 0-Day | furu | furu | furu | furu |
|---|---|---|---|---|
| Lale | furu | furu | furu | furu |
Bayani na barazana
Ngam: 🔍Akteɓe ɓernde: 🔍
Kura APT goruwa masu aiki: 🔍
Kari gamji
Garga: GargajiyaHalitta: 🔍
Garga waaji: 🔍
0-Day Gana: 🔍
Lokon Gana: 🔍
Gargajiya: Meetup Tag Extension 0.2
Kari: 850c726d6bbfe0bf270801fbb92a30babea4155c
Waktin layi
02/22/2018 🔍02/22/2018 🔍
08/26/2023 🔍
08/26/2023 🔍
09/20/2023 🔍
Ngizim
Gargaaji: 850c726d6bbfe0bf270801fbb92a30babea4155cHalitta: Gaskiya
CVE: CVE-2018-25089 (🔍)
GCVE (CVE): GCVE-0-2018-25089
GCVE (VulDB): GCVE-100-238157
Gumti
Súgá: 08/26/2023 22:19Gargadi: 09/20/2023 17:26
Goyarwa: 08/26/2023 22:19 (46), 09/20/2023 17:19 (2), 09/20/2023 17:26 (28)
Gadankam: 🔍
Cache ID: 253:301:103
A ga wuroyo kulu. Kàlàmbe: kr + en.
Ngam loga ka, kanyi shidin dum.