exploitDog

GHSA-5m25-34q2-5599

Опубликовано: 01 фев. 2026

Источник: github

Github: Не прошло ревью

CVSS4: 4.8

CVSS3: 5.4

Описание

Affiliate Pro 1.7 contains multiple reflected cross-site scripting vulnerabilities in the index module's input fields. Attackers can inject malicious scripts through fullname, username, and email parameters to execute client-side attacks and manipulate browser requests.

Affiliate Pro 1.7 contains multiple reflected cross-site scripting vulnerabilities in the index module's input fields. Attackers can inject malicious scripts through fullname, username, and email parameters to execute client-side attacks and manipulate browser requests.

Ссылки

EPSS

Процентиль: 9%

0.00031

Низкий

4.8 Medium

CVSS4

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2021-47911

CVSS3: 5.4

nvd

7 дней назад

Affiliate Pro 1.7 contains multiple reflected cross-site scripting vulnerabilities in the index module's input fields. Attackers can inject malicious scripts through fullname, username, and email parameters to execute client-side attacks and manipulate browser requests.

EPSS

Процентиль: 9%

0.00031

Низкий

4.8 Medium

CVSS4

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79