exploitDog

GHSA-4gmr-f766-822g

Опубликовано: 22 апр. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

A cross-site scripting (reflected XSS) vulnerability was found in Mettler Toledo FreeWeight.Net Web Reports Viewer 8.4.0 (440). It allows an attacker to inject malicious scripts via the IW_SessionID_ parameter.

A cross-site scripting (reflected XSS) vulnerability was found in Mettler Toledo FreeWeight.Net Web Reports Viewer 8.4.0 (440). It allows an attacker to inject malicious scripts via the IW_SessionID_ parameter.

Ссылки

EPSS

Процентиль: 14%

0.00046

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2025-43952

CVSS3: 6.1

nvd

10 месяцев назад

A cross-site scripting (reflected XSS) vulnerability was found in Mettler Toledo FreeWeight.Net Web Reports Viewer 8.4.0 (440). It allows an attacker to inject malicious scripts via the IW_SessionID_ parameter.

EPSS

Процентиль: 14%

0.00046

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79