exploitDog

GHSA-7p2j-r9vx-628c

Опубликовано: 18 июн. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

u5cms version 8.3.5 is vulnerable to Cross Site Scripting (XSS). When a user accesses the default home page if the parameter passed in is http://127.0.0.1/? "Onmouseover=%27tzgl (96502)%27bad=", it can cause html injection.

u5cms version 8.3.5 is vulnerable to Cross Site Scripting (XSS). When a user accesses the default home page if the parameter passed in is http://127.0.0.1/? "Onmouseover=%27tzgl (96502)%27bad=", it can cause html injection.

Ссылки

EPSS

Процентиль: 55%

0.00321

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-32442

CVSS3: 6.1

nvd

больше 3 лет назад

u5cms version 8.3.5 is vulnerable to Cross Site Scripting (XSS). When a user accesses the default home page if the parameter passed in is http://127.0.0.1/? "Onmouseover=%27tzgl (96502)%27bad=", it can cause html injection.

EPSS

Процентиль: 55%

0.00321

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79