An unspecified ActiveX control in SiteKiosk before 6.5.150 is installed "safe for scripting", which allows local users to bypass security protections and read arbitrary files via certain functions.
Threat-Mapped Scoring
Score: 0.0
Priority: Unclassified
EPSS
Score: 0.00072Percentile:
0.22653
CVSS Scoring
CVSS v2 Score: 1.7
Severity:
Affected Products
cpe:2.3:a:sitekiosk:sitekiosk:4.9.11:*:*:*:*:*:*:*
cpe:2.3:a:sitekiosk:sitekiosk:4.9.14:*:*:*:*:*:*:*
cpe:2.3:a:sitekiosk:sitekiosk:4.96:*:*:*:*:*:*:*
cpe:2.3:a:sitekiosk:sitekiosk:4.96.0:*:*:*:*:*:*:*
cpe:2.3:a:sitekiosk:sitekiosk:4.96.3:*:*:*:*:*:*:*
cpe:2.3:a:sitekiosk:sitekiosk:4.97.0:*:*:*:*:*:*:*
cpe:2.3:a:sitekiosk:sitekiosk:5.0.19:*:*:*:*:*:*:*
cpe:2.3:a:sitekiosk:sitekiosk:5.0.26:*:*:*:*:*:*:*
cpe:2.3:a:sitekiosk:sitekiosk:5.0.32:*:*:*:*:*:*:*
cpe:2.3:a:sitekiosk:sitekiosk:5.0.35:*:*:*:*:*:*:*
cpe:2.3:a:sitekiosk:sitekiosk:5.0.36:*:*:*:*:*:*:*
cpe:2.3:a:sitekiosk:sitekiosk:5.0.38:*:*:*:*:*:*:*
cpe:2.3:a:sitekiosk:sitekiosk:5.0.41:*:*:*:*:*:*:*
cpe:2.3:a:sitekiosk:sitekiosk:5.0.238:*:*:*:*:*:*:*
cpe:2.3:a:sitekiosk:sitekiosk:5.0.248:*:*:*:*:*:*:*
cpe:2.3:a:sitekiosk:sitekiosk:5.0.264:*:*:*:*:*:*:*
cpe:2.3:a:sitekiosk:sitekiosk:5.5.34:*:*:*:*:*:*:*
cpe:2.3:a:sitekiosk:sitekiosk:5.5.35:*:*:*:*:*:*:*
cpe:2.3:a:sitekiosk:sitekiosk:5.5.36:*:*:*:*:*:*:*
cpe:2.3:a:sitekiosk:sitekiosk:5.5.39:*:*:*:*:*:*:*
cpe:2.3:a:sitekiosk:sitekiosk:5.5.45:*:*:*:*:*:*:*
cpe:2.3:a:sitekiosk:sitekiosk:6.0.14:*:*:*:*:*:*:*
cpe:2.3:a:sitekiosk:sitekiosk:6.0.98_final:*:*:*:*:*:*:*
cpe:2.3:a:sitekiosk:sitekiosk:6.2.51:*:*:*:*:*:*:*
cpe:2.3:a:sitekiosk:sitekiosk:6.5.149:*:*:*:*:*:*:*
← Back to Home
BrownCoat Threat Intelligence Platform | 2025 Steve Gray — You Can’t Take the Sky from Me