exploitDog

GHSA-97c2-hm96-mgpf

Опубликовано: 21 мар. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 4.7

Описание

Cross Site Scripting (XSS) vulnerability in Sourcecodester Workout Journal App 1.0 allows attackers to run arbitrary code via parameters firstname and lastname in /add-user.php.

Cross Site Scripting (XSS) vulnerability in Sourcecodester Workout Journal App 1.0 allows attackers to run arbitrary code via parameters firstname and lastname in /add-user.php.

Ссылки

EPSS

Процентиль: 23%

0.00076

Низкий

4.7 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2024-24050

CVSS3: 4.7

nvd

почти 2 года назад

Cross Site Scripting (XSS) vulnerability in Sourcecodester Workout Journal App 1.0 allows attackers to run arbitrary code via parameters firstname and lastname in /add-user.php.

EPSS

Процентиль: 23%

0.00076

Низкий

4.7 Medium

CVSS3

CVE ID

Дефекты

CWE-79