exploitDog

GHSA-7562-6p6m-r4fh

Опубликовано: 28 апр. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

Cross Site Scripting (XSS) vulnerability in BoxBilling 4.19, 4.19.1, 4.20, and 4.21 allows remote attackers to run arbitrary code via the message field on the submit new ticket form.

Cross Site Scripting (XSS) vulnerability in BoxBilling 4.19, 4.19.1, 4.20, and 4.21 allows remote attackers to run arbitrary code via the message field on the submit new ticket form.

Ссылки

EPSS

Процентиль: 14%

0.00046

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2020-23647

CVSS3: 6.1

nvd

почти 3 года назад

Cross Site Scripting (XSS) vulnerability in BoxBilling 4.19, 4.19.1, 4.20, and 4.21 allows remote attackers to run arbitrary code via the message field on the submit new ticket form.

EPSS

Процентиль: 14%

0.00046

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79