exploitDog

GHSA-cg8r-7f82-q3p5

Опубликовано: 22 авг. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

Cross-Site Scripting (XSS) vulnerability in CSZ CMS v.1.3.0 allows attackers to execute arbitrary code via a crafted payload to the Social Settings parameter.

Cross-Site Scripting (XSS) vulnerability in CSZ CMS v.1.3.0 allows attackers to execute arbitrary code via a crafted payload to the Social Settings parameter.

Ссылки

EPSS

Процентиль: 46%

0.00236

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2023-39599

CVSS3: 5.4

nvd

больше 2 лет назад

Cross-Site Scripting (XSS) vulnerability in CSZ CMS v.1.3.0 allows attackers to execute arbitrary code via a crafted payload to the Social Settings parameter.

EPSS

Процентиль: 46%

0.00236

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79