exploitDog

GHSA-26ww-33qp-73qr

Опубликовано: 02 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Cross-site scripting (XSS) vulnerability in the search functionality in DotNetNuke 4.8 through 5.1.4 allows remote attackers to inject arbitrary web script or HTML via search terms that are not properly filtered before display in a custom results page.

Cross-site scripting (XSS) vulnerability in the search functionality in DotNetNuke 4.8 through 5.1.4 allows remote attackers to inject arbitrary web script or HTML via search terms that are not properly filtered before display in a custom results page.

Ссылки

EPSS

Процентиль: 54%

0.0032

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2009-4110

nvd

больше 15 лет назад

Cross-site scripting (XSS) vulnerability in the search functionality in DotNetNuke 4.8 through 5.1.4 allows remote attackers to inject arbitrary web script or HTML via search terms that are not properly filtered before display in a custom results page.

EPSS

Процентиль: 54%

0.0032

Низкий

CVE ID

Дефекты

CWE-79