exploitDog

GHSA-2xjh-cwp8-55q6

Опубликовано: 22 мая 2023

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

Wekan v6.84 and earlier is vulnerable to Cross Site Scripting (XSS). An attacker with user privilege on kanban board can insert JavaScript code in in "Reaction to comment" feature.

Wekan v6.84 and earlier is vulnerable to Cross Site Scripting (XSS). An attacker with user privilege on kanban board can insert JavaScript code in in "Reaction to comment" feature.

Ссылки

EPSS

Процентиль: 42%

0.00196

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2023-31779

CVSS3: 5.4

nvd

больше 2 лет назад

Wekan v6.84 and earlier is vulnerable to Cross Site Scripting (XSS). An attacker with user privilege on kanban board can insert JavaScript code in in "Reaction to comment" feature.

EPSS

Процентиль: 42%

0.00196

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79