exploitDog

GHSA-jcxc-mh25-387r

Опубликовано: 14 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 4.8

Описание

Multiple cross-site scripting (XSS) vulnerabilities in the Caldera Forms plugin before 1.6.0-rc.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a greeting message, (2) the email transaction log, or (3) an imported form.

Multiple cross-site scripting (XSS) vulnerabilities in the Caldera Forms plugin before 1.6.0-rc.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a greeting message, (2) the email transaction log, or (3) an imported form.

Ссылки

EPSS

Процентиль: 76%

0.00941

Низкий

4.8 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2018-7747

CVSS3: 4.8

nvd

почти 8 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the Caldera Forms plugin before 1.6.0-rc.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a greeting message, (2) the email transaction log, or (3) an imported form.

EPSS

Процентиль: 76%

0.00941

Низкий

4.8 Medium

CVSS3

CVE ID

Дефекты

CWE-79