exploitDog

GHSA-887g-xpjr-63g2

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Multiple cross-site scripting (XSS) vulnerabilities in deploy/designer/preview.php in the Digital Zoom Studio (DZS) Video Gallery plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) swfloc or (2) designrand parameter.

Multiple cross-site scripting (XSS) vulnerabilities in deploy/designer/preview.php in the Digital Zoom Studio (DZS) Video Gallery plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) swfloc or (2) designrand parameter.

Ссылки

EPSS

Процентиль: 94%

0.14728

Средний

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2014-9094

nvd

около 11 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in deploy/designer/preview.php in the Digital Zoom Studio (DZS) Video Gallery plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) swfloc or (2) designrand parameter.

EPSS

Процентиль: 94%

0.14728

Средний

CVE ID

Дефекты

CWE-79