exploitDog

GHSA-g9xx-m8f7-gx2c

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

A cross-site scripting (XSS) vulnerability in RGCMS v1.06 allows attackers to obtain the administrator's cookie via a crafted payload in the Name field under the Message Board module

A cross-site scripting (XSS) vulnerability in RGCMS v1.06 allows attackers to obtain the administrator's cookie via a crafted payload in the Name field under the Message Board module

Ссылки

EPSS

Процентиль: 43%

0.00206

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2020-21482

CVSS3: 5.4

nvd

больше 4 лет назад

A cross-site scripting (XSS) vulnerability in RGCMS v1.06 allows attackers to obtain the administrator's cookie via a crafted payload in the Name field under the Message Board module

EPSS

Процентиль: 43%

0.00206

Низкий

CVE ID

Дефекты

CWE-79