exploitDog

GHSA-45cr-xqhm-p6r9

Опубликовано: 11 мая 2023

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 allows a remote attacker to obtain sensitive information via the back and email_create parameters in the AuthController.php file.

Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 allows a remote attacker to obtain sensitive information via the back and email_create parameters in the AuthController.php file.

Ссылки

EPSS

Процентиль: 99%

0.7776

Высокий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2023-30256

CVSS3: 6.1

nvd

больше 2 лет назад

Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 allows a remote attacker to obtain sensitive information via the back and email_create parameters in the AuthController.php file.

EPSS

Процентиль: 99%

0.7776

Высокий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79