exploitDog

GHSA-h6jw-5483-m266

Опубликовано: 01 мар. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

The Crazy Bone WordPress plugin through 0.6.0 does not sanitise and escape the username submitted via the login from when displaying them back in the log dashboard, leading to an unauthenticated Stored Cross-Site scripting

The Crazy Bone WordPress plugin through 0.6.0 does not sanitise and escape the username submitted via the login from when displaying them back in the log dashboard, leading to an unauthenticated Stored Cross-Site scripting

Ссылки

EPSS

Процентиль: 90%

0.05995

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-0385

CVSS3: 6.1

nvd

почти 4 года назад

The Crazy Bone WordPress plugin through 0.6.0 does not sanitise and escape the username submitted via the login from when displaying them back in the log dashboard, leading to an unauthenticated Stored Cross-Site scripting

EPSS

Процентиль: 90%

0.05995

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79