CPE Details
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
CPE Name: cpe:2.3:a:yourls:yourls:1.7:*:*:*:*:*:*:*
Informations
Vendor
yourlsProduct
yourlsVersion
1.7Related CVE
| CVE ID | Publié | Description | Score | Gravité |
|---|---|---|---|---|
| Cross-Site Request Forgery (CSRF) in GitHub repository yourls/yourls prior to 1.8.3. | 7.4 |
Haute |
||
| yourls is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 5.4 |
Moyen |
||
| yourls is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 6.1 |
Moyen |
||
| yourls is vulnerable to Improper Restriction of Rendered UI Layers or Frames | 8.8 |
Haute |
||
| Multiple Stored Cross Site Scripting (XSS) vulnerabilities exist in the YOURLS Admin Panel, Versions 1.5 - 1.7.10. An authenticated user must modify a PHP plugin with a malicious payload and upload it, resulting in multiple stored XSS issues. | 5.4 |
Moyen |
||
| YOURLS through 1.7.3 is affected by a type juggling vulnerability in the api component that can result in login bypass. | 9.8 |
Critique |
||
| Cross-site scripting (XSS) vulnerability in the administrator panel in Yourls 1.7 allows remote attackers to inject arbitrary web script or HTML via a URL that is processed by the Shorten functionality. | 4.3 |
