CVE-2018-25064

low-risk
Published 2023-01-05

A vulnerability was found in OSM Lab show-me-the-way. It has been rated as problematic. This issue affects some unknown processing of the file js/site.js. The manipulation leads to cross site scripting. The attack may be initiated remotely. The patch is named 4bed3b34dcc01fe6661f39c0e5d2285b340f7cac. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217439.

Do I need to act?

-
0.25% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
3
CVSS 3.5/10 Low
NETWORK / LOW complexity

Affected Products (1)

Show-Me-The-Way

Affected Vendors

Show-Me-The-Way Project

References (8)

Patch https://github.com/osmlab/show-me-the-way/commit/4bed3b34dcc01fe6661f39c0e5d2285...
Patch https://github.com/osmlab/show-me-the-way/pull/57
Permissions Required https://vuldb.com/?ctiid.217439
Permissions Required https://vuldb.com/?id.217439
Patch https://github.com/osmlab/show-me-the-way/commit/4bed3b34dcc01fe6661f39c0e5d2285...
Patch https://github.com/osmlab/show-me-the-way/pull/57
Permissions Required https://vuldb.com/?ctiid.217439
Permissions Required https://vuldb.com/?id.217439
22
/ 100
low-risk
Severity 16/34 · Moderate
Exploitability 1/34 · Minimal
Exposure 5/34 · Minimal