BDU:2020-03986

BDU

Medium

Уязвимость системы управления содержимым сайта WordPress связана с непринятием мер по нейтрализации scipt-related тэгов html на веб-страниц…

CVSS

6.5

Medium

EPSS

0.00

Published

2020-01-01

Updated

2020-01-01

Description

Уязвимость системы управления содержимым сайта WordPress связана с непринятием мер по нейтрализации scipt-related тэгов html на веб-странице. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, оказать воздействие на целостность данных

Affected products

Wordpress foundation WordPressWordpress foundation WordPressWordpress foundation WordPressWordpress foundation WordPressWordpress foundation WordPressWordpress foundation WordPressWordpress foundation WordPressWordpress foundation WordPressWordpress foundation WordPressWordpress foundation WordPressWordpress foundation WordPressWordpress foundation WordPressWordpress foundation WordPressWordpress foundation WordPressWordpress foundation WordPressWordpress foundation WordPressWordpress foundation WordPressWordpress foundation WordPressWordpress foundation WordPressWordpress foundation WordPress

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Timeline

2020-01-01

Published

2020-01-01

Updated

CVSS 3.1 breakdown

Attack Vector

AV: N

Network (N)

Attack Complexity

AC: L

Low (L)

Privileges Required

PR: L

Low (L)

User Interaction

UI: N

None (N)

Scope

S: U

Unchanged (U)

Confidentiality Impact

C: N

None (N)

Integrity Impact

I: H

High (H)

Availability Impact

A: N

None (N)

Exploit indicators

EPSS

0.000 · p0

Known exploited (KEV)

Known exploits — Сканер-ВС

No Сканер-ВС checks registered for this vulnerability yet.

Affected products

Wordpress Foundation

Wordpress

Product	Vendor	Status
wordpress	wordpress foundation	Tracked
wordpress	wordpress foundation	Tracked
wordpress	wordpress foundation	Tracked
wordpress	wordpress foundation	Tracked
wordpress	wordpress foundation	Tracked
wordpress	wordpress foundation	Tracked
wordpress	wordpress foundation	Tracked
wordpress	wordpress foundation	Tracked
wordpress	wordpress foundation	Tracked
wordpress	wordpress foundation	Tracked
wordpress	wordpress foundation	Tracked
wordpress	wordpress foundation	Tracked
wordpress	wordpress foundation	Tracked
wordpress	wordpress foundation	Tracked
wordpress	wordpress foundation	Tracked
wordpress	wordpress foundation	Tracked
wordpress	wordpress foundation	Tracked
wordpress	wordpress foundation	Tracked
wordpress	wordpress foundation	Tracked
wordpress	wordpress foundation	Tracked

Showing first 20 of 72

Source databases

BDU

Related vulnerabilities

CVE-2020-4047

External references

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-4047@https://wordpress.org/news/2020/06/wordpress-5-4-2-security-and-maintenance-release/@https://nvd.nist.gov/vuln/detail/CVE-2020-4047@https://security-tracker.debian.org/tracker/CVE-2020-4047@https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/773N2ZV7QEMBGKH6FBKI6Q5S3YJMW357/@https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODNHXVJS25YVWYQHOCICXTLIN5UYJFDN/