Описание
Badaso vulnerable to cross-site scripting
Cross Site Scripting vulnerabiltiy in Badaso v.0.0.1 thru v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the Name of member parameter in the add new member function.
Пакеты
Наименование
uasoft-indonesia/badaso
composer
Затронутые версииВерсия исправления
<= 2.9.7
Отсутствует
Связанные уязвимости
CVSS3: 5.4
nvd
больше 2 лет назад
Cross Site Scripting vulnerabiltiy in Badaso v.0.0.1 thru v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the Name of member parameter in the add new member function.