exploitDog

GHSA-p7cq-h6rv-rjw6

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

Nifty Project Management Web Application 2020-08-26 allows XSS, via Add Task, that is rendered upon a Project Home visit.

Nifty Project Management Web Application 2020-08-26 allows XSS, via Add Task, that is rendered upon a Project Home visit.

Ссылки

EPSS

Процентиль: 61%

0.00415

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2020-25071

CVSS3: 5.4

nvd

больше 5 лет назад

Nifty Project Management Web Application 2020-08-26 allows XSS, via Add Task, that is rendered upon a Project Home visit. Note: It has been argued that this is not reproducible. "The original issue was that the task would be created and an alert would be shown on the screen. Now the task would be created, but the alert won't be executed as those attributes are now stripped.

EPSS

Процентиль: 61%

0.00415

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79