exploitDog

GHSA-gx87-2fm2-mvvj

Опубликовано: 01 фев. 2026

Источник: github

Github: Не прошло ревью

CVSS4: 4.8

CVSS3: 5.4

Описание

WebMO Job Manager 20.0 contains a cross-site scripting vulnerability in search parameters that allows remote attackers to inject malicious script code. Attackers can exploit the filterSearch and filterSearchType parameters to perform non-persistent attacks including session hijacking and external redirects.

WebMO Job Manager 20.0 contains a cross-site scripting vulnerability in search parameters that allows remote attackers to inject malicious script code. Attackers can exploit the filterSearch and filterSearchType parameters to perform non-persistent attacks including session hijacking and external redirects.

Ссылки

EPSS

Процентиль: 10%

0.00036

Низкий

4.8 Medium

CVSS4

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2021-47920

CVSS3: 5.4

nvd

7 дней назад

WebMO Job Manager 20.0 contains a cross-site scripting vulnerability in search parameters that allows remote attackers to inject malicious script code. Attackers can exploit the filterSearch and filterSearchType parameters to perform non-persistent attacks including session hijacking and external redirects.

EPSS

Процентиль: 10%

0.00036

Низкий

4.8 Medium

CVSS4

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79