exploitDog

GHSA-2hhf-gxff-r59q

Опубликовано: 20 сент. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

A reflected cross-site scripting (XSS) vulnerability in msaad1999's PHP-Login-System 2.0.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'selector' parameter in '/reset-password'.

A reflected cross-site scripting (XSS) vulnerability in msaad1999's PHP-Login-System 2.0.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'selector' parameter in '/reset-password'.

Ссылки

EPSS

Процентиль: 92%

0.07623

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2023-38876

CVSS3: 6.1

nvd

больше 2 лет назад

A reflected cross-site scripting (XSS) vulnerability in msaad1999's PHP-Login-System 2.0.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'selector' parameter in '/reset-password'.

EPSS

Процентиль: 92%

0.07623

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79