exploitDog

GHSA-5qpm-vrqv-qcrv

Опубликовано: 05 июн. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

Minical 1.0.0 is vulnerable to Cross Site Scripting (XSS). The vulnerability exists due to insufficient input validation in the application's user input handling in the security_helper.php file.

Minical 1.0.0 is vulnerable to Cross Site Scripting (XSS). The vulnerability exists due to insufficient input validation in the application's user input handling in the security_helper.php file.

Ссылки

EPSS

Процентиль: 44%

0.00214

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2023-33408

CVSS3: 5.4

nvd

больше 2 лет назад

Minical 1.0.0 is vulnerable to Cross Site Scripting (XSS). The vulnerability exists due to insufficient input validation in the application's user input handling in the security_helper.php file.

EPSS

Процентиль: 44%

0.00214

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79