GHSA-3x4m-xwxj-phjf

Опубликовано: 26 июл. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

A cross-site scripting (XSS) vulnerability in Truedesk v1.2.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a user chat box.

A cross-site scripting (XSS) vulnerability in Truedesk v1.2.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a user chat box.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2022-31455
https://medium.com/%40rohitgautam26/cve-2022-31455-bc929f477446
https://medium.com/@rohitgautam26/cve-2022-31455-bc929f477446
https://www.acunetix.com/vulnerabilities/web/cross-site-scripting

EPSS

Процентиль: 23%

0.00076

Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2022-31455

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-31455

CVSS3: 6.1

nvd

больше 2 лет назад

* A cross-site scripting (XSS) vulnerability in Truedesk v1.2.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a user chat box.

EPSS

Процентиль: 23%

0.00076

Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2022-31455

Дефекты

CWE-79