exploitDog

GHSA-65xp-45wv-pvw6

Опубликовано: 26 окт. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 4.8

Описание

An issue was discovered in WTCMS 1.0. In the plupload method in \AssetController.class.php, the app parameters aren't processed, resulting in Cross Site Scripting (XSS).

An issue was discovered in WTCMS 1.0. In the plupload method in \AssetController.class.php, the app parameters aren't processed, resulting in Cross Site Scripting (XSS).

Ссылки

EPSS

Процентиль: 24%

0.00083

Низкий

4.8 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2024-48239

CVSS3: 4.8

nvd

больше 1 года назад

An issue was discovered in WTCMS 1.0. In the plupload method in \AssetController.class.php, the app parameters aren't processed, resulting in Cross Site Scripting (XSS).

EPSS

Процентиль: 24%

0.00083

Низкий

4.8 Medium

CVSS3

CVE ID

Дефекты

CWE-79