Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-7cch-m59v-c3cp

Опубликовано: 14 мая 2022
Источник: github
Github: Не прошло ревью
CVSS3: 5.4

Описание

WOlfCMS WolfCMS version version 0.8.3.1 contains a Stored Cross-Site Scripting vulnerability in Layout Name (from Layout tab) that can result in low privilege user can steal the cookie of admin user and compromise the admin account. This attack appear to be exploitable via Need to enter the Javascript code into Layout Name .

WOlfCMS WolfCMS version version 0.8.3.1 contains a Stored Cross-Site Scripting vulnerability in Layout Name (from Layout tab) that can result in low privilege user can steal the cookie of admin user and compromise the admin account. This attack appear to be exploitable via Need to enter the Javascript code into Layout Name .

Ссылки

EPSS

Процентиль: 43%
0.00206
Низкий

5.4 Medium

CVSS3

CVE ID

CVE-2018-1000084

Дефекты

CWE-79

Связанные уязвимости

nvd логотип

CVE-2018-1000084

CVSS3: 5.4
nvd
почти 8 лет назад

WOlfCMS WolfCMS version version 0.8.3.1 contains a Stored Cross-Site Scripting vulnerability in Layout Name (from Layout tab) that can result in low privilege user can steal the cookie of admin user and compromise the admin account. This attack appear to be exploitable via Need to enter the Javascript code into Layout Name .

EPSS

Процентиль: 43%
0.00206
Низкий

5.4 Medium

CVSS3

CVE ID

CVE-2018-1000084

Дефекты

CWE-79