Csaf Provider
1 CVEs
product
Monthly
The csaf_provider package before 0.8.2 allows XSS via a crafted CSAF document uploaded as text/html. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
XSS
Csaf Provider
NVD
CVSS 3.1
5.4
EPSS
0.5%
EPSS 0%
CVSS 5.4
MEDIUM
PATCH
This Month
The csaf_provider package before 0.8.2 allows XSS via a crafted CSAF document uploaded as text/html. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
XSS
Csaf Provider
NVD