Описание
A stored cross-site scripting (XSS) vulnerability in the component admin/AdminRequestSqlController.php of thirty bees before 1.5.0 allows attackers to execute arbitrary web script or HTML via $e->getMessage() error mishandling.
A stored cross-site scripting (XSS) vulnerability in the component admin/AdminRequestSqlController.php of thirty bees before 1.5.0 allows attackers to execute arbitrary web script or HTML via $e->getMessage() error mishandling.
Связанные уязвимости
CVSS3: 5.4
nvd
около 2 лет назад
A stored cross-site scripting (XSS) vulnerability in the component admin/AdminRequestSqlController.php of thirty bees before 1.5.0 allows attackers to execute arbitrary web script or HTML via $e->getMessage() error mishandling.