Vulnerability Details CVE-2019-12905
FileRun 2019.05.21 allows XSS via the filename to the ?module=fileman§ion=do&page=up URI. This issue has been fixed in FileRun 2019.06.01.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.037
EPSS Ranking 87.4%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- http://packetstormsecurity.com/files/158173/FileRun-2019.05.21-Cross-Site-Scripting.html
- https://github.com/EmreOvunc/FileRun-Vulnerabilities/
- https://github.com/EmreOvunc/FileRun-Vulnerabilities/issues/3
- http://packetstormsecurity.com/files/158173/FileRun-2019.05.21-Cross-Site-Scripting.html
- https://github.com/EmreOvunc/FileRun-Vulnerabilities/
- https://github.com/EmreOvunc/FileRun-Vulnerabilities/issues/3