exploitDog

GHSA-f9cq-4c56-mv7q

Опубликовано: 04 мар. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

OS4ED openSIS 8.0 is affected by cross-site scripting (XSS) in EmailCheckOthers.php. An attacker can inject JavaScript code to get the user's cookie and take over the working session of user.

OS4ED openSIS 8.0 is affected by cross-site scripting (XSS) in EmailCheckOthers.php. An attacker can inject JavaScript code to get the user's cookie and take over the working session of user.

Ссылки

EPSS

Процентиль: 50%

0.00272

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2021-40637

CVSS3: 6.1

nvd

почти 4 года назад

OS4ED openSIS 8.0 is affected by cross-site scripting (XSS) in EmailCheckOthers.php. An attacker can inject JavaScript code to get the user's cookie and take over the working session of user.

EPSS

Процентиль: 50%

0.00272

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79