exploitDog

GHSA-6f66-hpxr-v3j7

Опубликовано: 06 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

In LibreHealth EHR 2.0.0, lack of sanitization of the GET parameters formseq and formid in interface\orders\find_order_popup.php leads to multiple cross-site scripting (XSS) vulnerabilities.

In LibreHealth EHR 2.0.0, lack of sanitization of the GET parameters formseq and formid in interface\orders\find_order_popup.php leads to multiple cross-site scripting (XSS) vulnerabilities.

Ссылки

EPSS

Процентиль: 49%

0.00263

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-29940

CVSS3: 5.4

nvd

почти 4 года назад

In LibreHealth EHR 2.0.0, lack of sanitization of the GET parameters formseq and formid in interface\orders\find_order_popup.php leads to multiple cross-site scripting (XSS) vulnerabilities.

EPSS

Процентиль: 49%

0.00263

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79