exploitDog

GHSA-3gj8-rw59-4xgx

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 4.8

Описание

The iFlyChat - WordPress Chat plugin through 4.6.4 does not sanitise its APP ID setting before outputting it back in the page, leading to an authenticated Stored Cross-Site Scripting issue

The iFlyChat - WordPress Chat plugin through 4.6.4 does not sanitise its APP ID setting before outputting it back in the page, leading to an authenticated Stored Cross-Site Scripting issue

Ссылки

EPSS

Процентиль: 61%

0.0042

Низкий

4.8 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2021-24343

CVSS3: 4.8

nvd

больше 4 лет назад

The iFlyChat WordPress plugin before 4.7.0 does not sanitise its APP ID setting before outputting it back in the page, leading to an authenticated Stored Cross-Site Scripting issue

EPSS

Процентиль: 61%

0.0042

Низкий

4.8 Medium

CVSS3

CVE ID

Дефекты

CWE-79