As an impact it is known to affect confidentiality, and integrity. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. The manipulation with an unknown input le to a redirect vulnerability.
How it works
The Temp Score considers temporal factors like disclosure, exploit and countermeasures. A good indicator to understand the monetary effort required for and the popularity of an attack. A high score indicates an elevated risk to be targeted for this vulnerability. The CTI Interest Score identifies the interest of attackers and the security community for this specific vulnerability in real-time.
No inferences should be drawn on of other sites being referenced, or not, from this. The unique Meta Score calculates the average score of different sources to provide a normalized scoring system. It is possible to download the exploit at exploit-db.
The range indicates the observed or calculated exploit price to be seen on exploit markets. Technical details and also a public exploit are known. Further, NIST does not endorse any commercial products that may be mentioned on these sites.
CVSS 2. Please address comments about this to nvd nist. It is declared as proof-of-concept.
I ready nsa fuck
CVSS 3. It is possible to read the advisory at plugins.
It has been declared as critical. The exploitation doesn't need any form of authentication. It demands that the victim is doing some kind of user interaction. We have provided these links to other web sites because they may have information that would be of interest to you.
Wordpress live chat plugin
There may be other web sites that are more appropriate for your purpose. Upgrading to version 2.
The attack can be launched remotely.