Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-8jxq-gpmr-h4g4

Опубликовано: 17 мая 2022
Источник: github
Github: Прошло ревью
CVSS3: 6.1

Описание

imdbphp Cross-Site Scripting (XSS)

A Cross-Site Scripting (XSS) was discovered in imdbphp 5.1.1. The vulnerability exists due to insufficient filtration of user-supplied data (name) passed to the "imdbphp-master/demo/search.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.

Ссылки

Пакеты

Наименование

imdbphp/imdbphp

composer
Затронутые версииВерсия исправления

<= 5.1.1

5.2.0

EPSS

Процентиль: 53%
0.00301
Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2017-7204

Дефекты

CWE-79

Связанные уязвимости

nvd логотип

CVE-2017-7204

CVSS3: 6.1
nvd
почти 9 лет назад

A Cross-Site Scripting (XSS) was discovered in imdbphp 5.1.1. The vulnerability exists due to insufficient filtration of user-supplied data (name) passed to the "imdbphp-master/demo/search.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.

EPSS

Процентиль: 53%
0.00301
Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2017-7204

Дефекты

CWE-79