Опубликовано: 06 авг. 2024
Источник: github
Github: Прошло ревью
CVSS4: 5.1
CVSS3: 6.1
Описание
Microweber Reflected Cross-site scripting (XSS) vulnerability
A Reflected Cross-site scripting (XSS) vulnerability exists in '/search' in microweber 2.0.15 and earlier allowing unauthenticated remote attackers to inject arbitrary web script or HTML via the 'keywords' parameter.
Пакеты
Наименование
microweber/microweber
composer
Затронутые версииВерсия исправления
< 2.0.16
2.0.16
Связанные уязвимости
CVSS3: 6.1
nvd
больше 1 года назад
A Reflected Cross-site scripting (XSS) vulnerability exists in '/search' in microweber 2.0.15 and earlier allowing unauthenticated remote attackers to inject arbitrary web script or HTML via the 'keywords' parameter.