exploitDog

GHSA-gcv5-33hh-8rwr

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerability in the page management background which allows attackers to obtain cookies via a crafted payload entered into the search box.

WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerability in the page management background which allows attackers to obtain cookies via a crafted payload entered into the search box.

Ссылки

EPSS

Процентиль: 52%

0.00296

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2020-20345

CVSS3: 5.4

nvd

больше 4 лет назад

WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerability in the page management background which allows attackers to obtain cookies via a crafted payload entered into the search box.

EPSS

Процентиль: 52%

0.00296

Низкий

CVE ID

Дефекты

CWE-79