exploitDog

GHSA-9r7w-r483-2vv7

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Cross-site scripting (XSS) vulnerability in the League module for PHP-Nuke, possibly 2.4, allows remote attackers to inject arbitrary web script or HTML via the tid parameter in a team action to modules.php.

Cross-site scripting (XSS) vulnerability in the League module for PHP-Nuke, possibly 2.4, allows remote attackers to inject arbitrary web script or HTML via the tid parameter in a team action to modules.php.

Ссылки

EPSS

Процентиль: 83%

0.01823

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2008-5039

nvd

около 17 лет назад

Cross-site scripting (XSS) vulnerability in the League module for PHP-Nuke, possibly 2.4, allows remote attackers to inject arbitrary web script or HTML via the tid parameter in a team action to modules.php.

EPSS

Процентиль: 83%

0.01823

Низкий

CVE ID

Дефекты

CWE-79