exploitDog

GHSA-647m-2qfw-99jq

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 4.8

Описание

Telaxus EPESI 1.8.2 and earlier has a Stored Cross-site Scripting (XSS) vulnerability in modules/Base/Dashboard/Dashboard_0.php, which allows remote attackers to inject arbitrary web script or HTML via a crafted tab_name parameter.

Telaxus EPESI 1.8.2 and earlier has a Stored Cross-site Scripting (XSS) vulnerability in modules/Base/Dashboard/Dashboard_0.php, which allows remote attackers to inject arbitrary web script or HTML via a crafted tab_name parameter.

Ссылки

EPSS

Процентиль: 40%

0.00183

Низкий

4.8 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2017-9366

CVSS3: 4.8

nvd

больше 8 лет назад

Telaxus EPESI 1.8.2 and earlier has a Stored Cross-site Scripting (XSS) vulnerability in modules/Base/Dashboard/Dashboard_0.php, which allows remote attackers to inject arbitrary web script or HTML via a crafted tab_name parameter.

EPSS

Процентиль: 40%

0.00183

Низкий

4.8 Medium

CVSS3

CVE ID

Дефекты

CWE-79