exploitDog

GHSA-6cmw-xx5g-357x

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

AbanteCart 1.2.12 has reflected cross-site scripting (XSS) via the sort parameter, as demonstrated by a /apparel--accessories?sort= substring.

AbanteCart 1.2.12 has reflected cross-site scripting (XSS) via the sort parameter, as demonstrated by a /apparel--accessories?sort= substring.

Ссылки

EPSS

Процентиль: 56%

0.0034

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2018-20141

CVSS3: 6.1

nvd

почти 7 лет назад

AbanteCart 1.2.12 has reflected cross-site scripting (XSS) via the sort parameter, as demonstrated by a /apparel--accessories?sort= substring.

EPSS

Процентиль: 56%

0.0034

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79