exploitDog

GHSA-5gm4-757j-3p92

Опубликовано: 12 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 5.3

CVSS3: 5.4

Описание

PyroCMS v3.0.1 contains a stored cross-site scripting vulnerability in the admin redirects configuration that allows attackers to inject malicious scripts. Attackers can insert a payload in the 'Redirect From' field to execute arbitrary JavaScript when administrators view the redirects page.

PyroCMS v3.0.1 contains a stored cross-site scripting vulnerability in the admin redirects configuration that allows attackers to inject malicious scripts. Attackers can insert a payload in the 'Redirect From' field to execute arbitrary JavaScript when administrators view the redirects page.

Ссылки

EPSS

Процентиль: 13%

0.00043

Низкий

5.3 Medium

CVSS4

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2024-58297

CVSS3: 5.4

nvd

около 2 месяцев назад

PyroCMS v3.0.1 contains a stored cross-site scripting vulnerability in the admin redirects configuration that allows attackers to inject malicious scripts. Attackers can insert a payload in the 'Redirect From' field to execute arbitrary JavaScript when administrators view the redirects page.

EPSS

Процентиль: 13%

0.00043

Низкий

5.3 Medium

CVSS4

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79