exploitDog

GHSA-9vhj-9r44-22j8

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

In EasyToRecruit (E2R) before 2.11, the upload feature and the Candidate Profile Management feature are prone to Cross Site Scripting (XSS) injection in multiple locations.

In EasyToRecruit (E2R) before 2.11, the upload feature and the Candidate Profile Management feature are prone to Cross Site Scripting (XSS) injection in multiple locations.

Ссылки

EPSS

Процентиль: 42%

0.00202

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2019-11032

CVSS3: 6.1

nvd

почти 7 лет назад

In EasyToRecruit (E2R) before 2.11, the upload feature and the Candidate Profile Management feature are prone to Cross Site Scripting (XSS) injection in multiple locations.

EPSS

Процентиль: 42%

0.00202

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79