exploitDog

GHSA-7f3r-h2mp-3f5v

Опубликовано: 31 мая 2023

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

Cross Site Scripting (XSS) in the New Policy form in Microworld Technologies eScan management console 14.0.1400.2281 allows a remote attacker to inject arbitrary code via the vulnerable parameters type, txtPolicyType, and Deletefileval.

Cross Site Scripting (XSS) in the New Policy form in Microworld Technologies eScan management console 14.0.1400.2281 allows a remote attacker to inject arbitrary code via the vulnerable parameters type, txtPolicyType, and Deletefileval.

Ссылки

EPSS

Процентиль: 60%

0.00393

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2023-33732

CVSS3: 6.1

nvd

больше 2 лет назад

Cross Site Scripting (XSS) in the New Policy form in Microworld Technologies eScan management console 14.0.1400.2281 allows a remote attacker to inject arbitrary code via the vulnerable parameters type, txtPolicyType, and Deletefileval.

EPSS

Процентиль: 60%

0.00393

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79