exploitDog

GHSA-55xq-r54j-m2x5

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

The Video Gallery â€“ Vimeo and YouTube Gallery WordPress plugin through 1.1.4 does not escape the Title and Description of the videos in a gallery before outputting them in attributes, leading to Stored Cross-Site Scripting issues

The Video Gallery â€“ Vimeo and YouTube Gallery WordPress plugin through 1.1.4 does not escape the Title and Description of the videos in a gallery before outputting them in attributes, leading to Stored Cross-Site Scripting issues

Ссылки

EPSS

Процентиль: 43%

0.00206

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2021-24515

CVSS3: 4.8

nvd

больше 4 лет назад

The Video Gallery WordPress plugin before 1.1.5 does not escape the Title and Description of the videos in a gallery before outputting them in attributes, leading to Stored Cross-Site Scripting issues

EPSS

Процентиль: 43%

0.00206

Низкий

CVE ID

Дефекты

CWE-79