Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-9jfc-28w3-mr85

Опубликовано: 14 мая 2022
Источник: github
Github: Не прошло ревью

Описание

Multiple cross-site scripting (XSS) vulnerabilities in Forma Lms before 1.2.1 p01 allow remote attackers to inject arbitrary web script or HTML via the (1) id_custom parameter in an amanmenu request or (2) id_game parameter in an alms/games/edit request to appCore/index.php.

Multiple cross-site scripting (XSS) vulnerabilities in Forma Lms before 1.2.1 p01 allow remote attackers to inject arbitrary web script or HTML via the (1) id_custom parameter in an amanmenu request or (2) id_game parameter in an alms/games/edit request to appCore/index.php.

Ссылки

EPSS

Процентиль: 60%
0.004
Низкий

CVE ID

CVE-2014-5257

Дефекты

CWE-79

Связанные уязвимости

nvd логотип

CVE-2014-5257

nvd
больше 11 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in Forma Lms before 1.2.1 p01 allow remote attackers to inject arbitrary web script or HTML via the (1) id_custom parameter in an amanmenu request or (2) id_game parameter in an alms/games/edit request to appCore/index.php.

EPSS

Процентиль: 60%
0.004
Низкий

CVE ID

CVE-2014-5257

Дефекты

CWE-79