exploitDog

GHSA-q7c7-4x5w-pjwf

Опубликовано: 06 окт. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 4.5

Описание

JavaScript can be ran inside the address bar via the dashboard "Open in new Tab" Button, making the application vulnerable to session hijacking.

JavaScript can be ran inside the address bar via the dashboard "Open in new Tab" Button, making the application vulnerable to session hijacking.

Ссылки

EPSS

Процентиль: 11%

0.00037

Низкий

4.5 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2025-9913

CVSS3: 4.5

nvd

10 дней назад

JavaScript can be ran inside the address bar via the dashboard "Open in new Tab" Button, making the application vulnerable to session hijacking.

EPSS

Процентиль: 11%

0.00037

Низкий

4.5 Medium

CVSS3

CVE ID

Дефекты

CWE-79