exploitDog

GHSA-6rvc-cc4c-ffwj

Опубликовано: 28 мар. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

Cross Site Scripting vulnerability in Process Maker, Inc ProcessMaker before 4.0 allows a remote attacker to run arbitrary code via control of the pm_sys_sys cookie.

Cross Site Scripting vulnerability in Process Maker, Inc ProcessMaker before 4.0 allows a remote attacker to run arbitrary code via control of the pm_sys_sys cookie.

Ссылки

EPSS

Процентиль: 68%

0.00583

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2024-25506

CVSS3: 6.5

nvd

почти 2 года назад

Cross Site Scripting vulnerability in Process Maker, Inc ProcessMaker before 4.0 allows a remote attacker to run arbitrary code via control of the pm_sys_sys cookie.

EPSS

Процентиль: 68%

0.00583

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-79