exploitDog

GHSA-5c5r-8fp8-5g68

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Cross-site scripting vulnerability in EC-CUBE Category contents plugin (for EC-CUBE 3.0 series) versions prior to version 1.0.1 allows a remote attacker to inject an arbitrary script by leading an administrator or a user to a specially crafted page and to perform a specific operation.

Cross-site scripting vulnerability in EC-CUBE Category contents plugin (for EC-CUBE 3.0 series) versions prior to version 1.0.1 allows a remote attacker to inject an arbitrary script by leading an administrator or a user to a specially crafted page and to perform a specific operation.

Ссылки

EPSS

Процентиль: 55%

0.00321

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2021-20744

CVSS3: 6.1

nvd

больше 4 лет назад

Cross-site scripting vulnerability in EC-CUBE Category contents plugin (for EC-CUBE 3.0 series) versions prior to version 1.0.1 allows a remote attacker to inject an arbitrary script by leading an administrator or a user to a specially crafted page and to perform a specific operation.

EPSS

Процентиль: 55%

0.00321

Низкий

CVE ID

Дефекты

CWE-79