exploitDog

GHSA-75mx-qp79-4ghv

Опубликовано: 29 июл. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 4.8

CVSS3: 6.1

Описание

Reflected Cross-Site Scripting (XSS) in Human Resource Management System version 1.0. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the 'searccity' parameter in /city.php.

Reflected Cross-Site Scripting (XSS) in Human Resource Management System version 1.0. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the 'searccity' parameter in /city.php.

Ссылки

EPSS

Процентиль: 6%

0.00024

Низкий

4.8 Medium

CVSS4

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2025-40683

CVSS3: 6.1

nvd

6 месяцев назад

Reflected Cross-Site Scripting (XSS) in Human Resource Management System version 1.0. This vulnerability could allow an attacker to execute JavaScript code in the victim's browser by sending a malicious URL through the 'searccity' parameter in /city.php.

EPSS

Процентиль: 6%

0.00024

Низкий

4.8 Medium

CVSS4

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79