CVE-2019-6780

Sažetak

The Wise Chat plugin before 2.7 for WordPress mishandles external links because rendering/filters/post/WiseChatLinksPostFilter.php omits noopener and noreferrer.

Reference

https://plugins.trac.wordpress.org/changeset/2016929/wise-chat/trunk/src/rendering/filters/post/WiseChatLinksPostFilter.php
https://wordpress.org/plugins/wise-chat/#developers
https://www.exploit-db.com/exploits/46247/

CVSS

Base:	5.8
Impact:	4.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:N

Zadnje važnije ažuriranje

28-01-2019 - 14:11

Objavljeno

24-01-2019 - 20:29