5.7 Medium
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
75.1%
Cross-site scripting (XSS) vulnerability in the search functionality in Simon Brown Pebble 2.0.0 RC1 and RC2 allows remote attackers to inject arbitrary web script or HTML via the query string.
securityreason.com/securityalert/1689
svn.sourceforge.net/viewvc/pebble/trunk/src/net/sourceforge/pebble/search/SearchResults.java?r1=136&r2=206
www.securityfocus.com/archive/1/447503/100/0/threaded
www.securityfocus.com/bid/20298
exchange.xforce.ibmcloud.com/vulnerabilities/29312