exploitDog

GHSA-8prw-vrjf-w7gx

Опубликовано: 27 мар. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

RIFARTEK IOT Wall transportation function has insufficient filtering for user input. An authenticated remote attacker with general user privilege can inject JavaScript to perform reflected XSS (Reflected Cross-site scripting) attack.

RIFARTEK IOT Wall transportation function has insufficient filtering for user input. An authenticated remote attacker with general user privilege can inject JavaScript to perform reflected XSS (Reflected Cross-site scripting) attack.

Ссылки

EPSS

Процентиль: 21%

0.00068

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2023-25018

CVSS3: 5.4

nvd

почти 3 года назад

RIFARTEK IOT Wall transportation function has insufficient filtering for user input. An authenticated remote attacker with general user privilege can inject JavaScript to perform reflected XSS (Reflected Cross-site scripting) attack.

EPSS

Процентиль: 21%

0.00068

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79