exploitDog

GHSA-p9hm-fjwg-ffw7

Опубликовано: 13 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 8.6

CVSS3: 5.4

Описание

ShineLan-X contains a stored cross site scripting (XSS) vulnerability in the Plant Name field. A HTML payload will be displayed on the plant management page via a direct post. This may allow attackers to force a legitimate user’s browser’s JavaScript engine to run malicious code.

ShineLan-X contains a stored cross site scripting (XSS) vulnerability in the Plant Name field. A HTML payload will be displayed on the plant management page via a direct post. This may allow attackers to force a legitimate user’s browser’s JavaScript engine to run malicious code.

Ссылки

EPSS

Процентиль: 9%

0.00034

Низкий

8.6 High

CVSS4

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2025-36750

CVSS3: 5.4

nvd

около 2 месяцев назад

ShineLan-X contains a stored cross site scripting (XSS) vulnerability in the Plant Name field. A HTML payload will be displayed on the plant management page via a direct post. This may allow attackers to force a legitimate user’s browser’s JavaScript engine to run malicious code.

EPSS

Процентиль: 9%

0.00034

Низкий

8.6 High

CVSS4

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79