exploitDog

GHSA-5whj-3p7m-72ch

Опубликовано: 30 янв. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

CloudSchool v3.0.1 is vulnerable to Cross Site Scripting (XSS). A normal user can steal session cookies of the admin users through notification received by the admin user.

CloudSchool v3.0.1 is vulnerable to Cross Site Scripting (XSS). A normal user can steal session cookies of the admin users through notification received by the admin user.

Ссылки

EPSS

Процентиль: 69%

0.00595

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-46087

CVSS3: 5.4

nvd

около 3 лет назад

CloudSchool v3.0.1 is vulnerable to Cross Site Scripting (XSS). A normal user can steal session cookies of the admin users through notification received by the admin user.

EPSS

Процентиль: 69%

0.00595

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79