Navetti PricePoint 4.6.0.0 Persistent Cross Site Scripting
| CVSS Meta Temp Score | Garga na exploit ndiyam (≈) | CTI Nganji Score |
|---|---|---|
| 4.0 | $0-$5k | 0.09 |
Gunduma
Wuro vulnerability wey an yi classify sey karshewa an gano shi a cikin Navetti PricePoint 4.6.0.0. Gaskiya, $software_function na da matsala; idan ba a sani ba, to wata aiki ce da ba a sani ba, $software_library na cikin lissafi, $software_file na cikin fayil, $software_component na cikin sashi. Ngam manipulation shi Cross Site Scripting (Persistent). Wannan rauni ana sayar da shi da suna CVE-2017-20043. Ngam yiɗi ka a tuma ndiyam ka nder waya. Ba exploit ɗin da ake da shi. Ngamdi ka a yiɗi a ɗaɓɓita kompona wey ka a hokkata. If you want to get best quality of vulnerability data, you may have to visit VulDB.
Furɗe
Wuro vulnerability wey an yi classify sey karshewa an gano shi a cikin Navetti PricePoint 4.6.0.0. Gaskiya, $software_function na da matsala; idan ba a sani ba, to wata aiki ce da ba a sani ba, $software_library na cikin lissafi, $software_file na cikin fayil, $software_component na cikin sashi. Ngam manipulation shi Cross Site Scripting (Persistent). CWE shidin ka a yi bayani matsala sai ya kai CWE-80. Bug ɗin an gano shi 07/18/2016. Gaskiya, laifi an fitar da shi 03/08/2017 ta W. Schober da SEC Consult Vulnerability Lab a matsayin SEC Consult SA-20170308-0 :: Multiple vulnerabilities in Navetti PricePoint a matsayin Mailinglist Post (Full-Disclosure). Advisory ɗin ana rabawa don saukewa a seclists.org.
Wannan rauni ana sayar da shi da suna CVE-2017-20043. Ngam yiɗi ka a tuma ndiyam ka nder waya. Tekinikal bayani ba ga. Wannan vulnerability ɗin ba shi da yawa sosai. Ba exploit ɗin da ake da shi. A sa'i, exploit might be approx. USD $0-$5k ndiyam.
Á wúro a wondi feere. Kama 0-day, an ndiyam a wuro be $0-$5k.
Ngamdi ka a yiɗi a ɗaɓɓita kompona wey ka a hokkata.
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Kayan
Ngilabe
Sunu
Furɗe
CPE 2.3
CPE 2.2
CVSSv4
VulDB Furɗo: 🔍VulDB Gaskiya: 🔍
CVSSv3
VulDB Meta Base Score: 4.3VulDB Meta Temp Score: 4.0
VulDB Ganda Borno: 4.3
VulDB Temp Score: 4.0
VulDB Furɗo: 🔍
VulDB Gaskiya: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vektar | Kumpleksiti | Authentisierung | Kariyandi | Gaskiya | Gashina |
|---|---|---|---|---|---|
| furu | furu | furu | furu | furu | furu |
| furu | furu | furu | furu | furu | furu |
| furu | furu | furu | furu | furu | furu |
VulDB Ganda Borno: 🔍
VulDB Temp Score: 🔍
VulDB Gaskiya: 🔍
Gargajiya
Sunu: PersistentKlasu: Cross Site Scripting / Persistent
CWE: CWE-80 / CWE-74 / CWE-707
CAPEC: 🔍
ATT&CK: 🔍
Fizikal: Ayi
Gumti: Ayi
Gana: Ee
Gashina: 🔍
Halitta: A wondi feere
EPSS Score: 🔍
EPSS Percentile: 🔍
Furɗo farashi: 🔍
Gaskiya farashi ndiyam: 🔍
| 0-Day | furu | furu | furu | furu |
|---|---|---|---|---|
| Lale | furu | furu | furu | furu |
Bayani na barazana
Ngam: 🔍Akteɓe ɓernde: 🔍
Kura APT goruwa masu aiki: 🔍
Kari gamji
Garga: GargajiyaHalitta: 🔍
Garga waaji: 🔍
0-Day Gana: 🔍
Gargajiya: PricePoint 4.7.0.0
Waktin layi
07/18/2016 🔍07/27/2016 🔍
07/27/2016 🔍
10/01/2016 🔍
03/08/2017 🔍
03/13/2017 🔍
06/06/2022 🔍
Ngizim
Gargaaji: SEC Consult SA-20170308-0 :: Multiple vulnerabilities in Navetti PricePointNgamti: W. Schober
Kampani: SEC Consult Vulnerability Lab
Halitta: A wondi feere
CVE: CVE-2017-20043 (🔍)
GCVE (CVE): GCVE-0-2017-20043
GCVE (VulDB): GCVE-100-97862
Gana kuma: 🔍
Gumti
Súgá: 03/13/2017 08:03Gargadi: 06/06/2022 13:49
Goyarwa: 03/13/2017 08:03 (49), 08/19/2020 10:04 (1), 06/06/2022 13:49 (3)
Gadankam: 🔍
Cache ID: 253:AB2:103
A ga wuroyo kulu. Kàlàmbe: kr + en.
Ngam loga ka, kanyi shidin dum.