Cross site scripting

2020-03-1021:15:00

PRIOn knowledge base

www.prio-n.com

5.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

24.8%

JSON

Ramp AltitudeCDN Altimeter before 2.4.0 allows authenticated Stored XSS via the vdms/ipmapping.jsp location field to the dms/rest/services/datastore/createOrEditValueForKey URI.

CPENameOperatorVersion
altimeterlt2.4.0

CPE	Name	Operator	Version
	altimeter	lt	2.4.0

References

labs.f-secure.com/advisories/ramp-altimeter-stored-xss/