exploitDog

GHSA-5whq-6jp7-w2mg

Опубликовано: 29 дек. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 4.8

Описание

Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to execute arbitrary code and obtain sensitive information via the User ID field when creating a new system user.

Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to execute arbitrary code and obtain sensitive information via the User ID field when creating a new system user.

Ссылки

EPSS

Процентиль: 40%

0.00187

Низкий

4.8 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2023-31298

CVSS3: 4.8

nvd

около 2 лет назад

Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to execute arbitrary code and obtain sensitive information via the User ID field when creating a new system user.

EPSS

Процентиль: 40%

0.00187

Низкий

4.8 Medium

CVSS3

CVE ID

Дефекты

CWE-79