PT-2023-10156 · Unknown · Qt-Users-Jp Silk
Published
2023-02-20
·
Updated
2024-05-17
·
CVE-2014-125088
CVSS v2.0
4.0
Medium
| Vector | AV:N/AC:L/Au:S/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
qt-users-jp silk version 0.0.1
Description
A problem was found in the file contents/root/examples/header.qml. The manipulation of the
model.key and model.value arguments leads to cross-site scripting. The attack can be initiated remotely.Recommendations
To fix this issue, apply the patch bbc5d6eeea800025ef29edda3fd3c57836239eae. As a temporary workaround, consider restricting the manipulation of the
model.key and model.value arguments in the affected file until the patch is applied.Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Qt-Users-Jp Silk