exploitDog

GHSA-j379-364f-696h

Опубликовано: 12 фев. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.15-6 allows privileged attackers to trigger a XSS on a victim's devices.

Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.15-6 allows privileged attackers to trigger a XSS on a victim's devices.

Ссылки

EPSS

Процентиль: 65%

0.00481

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-20

CWE-79

Связанные уязвимости

CVE-2022-24926

CVSS3: 5.7

nvd

почти 4 года назад

Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.15-6 allows privileged attackers to trigger a XSS on a victim's devices.

EPSS

Процентиль: 65%

0.00481

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-20

CWE-79