exploitDog

GHSA-c9vq-pfm9-7pjp

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the lastname parameter.

Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the lastname parameter.

Ссылки

EPSS

Процентиль: 63%

0.00441

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2021-27318

CVSS3: 6.1

nvd

почти 5 лет назад

Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the lastname parameter.

EPSS

Процентиль: 63%

0.00441

Низкий

CVE ID

Дефекты

CWE-79