exploitDog

GHSA-hvwx-c823-vgxp

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

A cross-site scripting (XSS) vulnerability in the component install\install.sql of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via changing the doctype value to 0.

A cross-site scripting (XSS) vulnerability in the component install\install.sql of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via changing the doctype value to 0.

Ссылки

EPSS

Процентиль: 53%

0.00305

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2020-21494

CVSS3: 6.1

nvd

больше 4 лет назад

A cross-site scripting (XSS) vulnerability in the component install\install.sql of Xiuno BBS 4.0.4 allows attackers to execute arbitrary web scripts or HTML via changing the doctype value to 0.

EPSS

Процентиль: 53%

0.00305

Низкий

CVE ID

Дефекты

CWE-79