| ID |
CVE-2024-28853
|
| Sažetak |
Ampache is a web based audio/video streaming application and file manager. Stored Cross Site Scripting (XSS) vulnerability in ampache before v6.3.1 allows a remote attacker to execute code via a crafted payload to serval parameters in the post request of /preferences.php?action=admin_update_preferences. This vulnerability is fixed in 6.3.1. |
| Reference |
|
| CVSS |
| Base: | 3.9 |
| Impact: | 3.4 |
| Exploitability: | 0.5 |
|
| Pristup |
| Vektor | Složenost | Autentikacija |
| NETWORK |
HIGH |
HIGH |
|
| Impact |
| Povjerljivost | Cjelovitost | Dostupnost |
| LOW |
LOW |
LOW |
|
| CVSS vektor |
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L |
| Zadnje važnije ažuriranje |
15-01-2025 - 17:52 |
| Objavljeno |
27-03-2024 - 14:15 |
