exploitDog

GHSA-r25h-4q4w-q5q3

Опубликовано: 01 нояб. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

Online Blood Donation Management System v1.0 is vulnerable to multiple Store Cross-Site Scripting vulnerabilities. The 'firstName' parameter of the users/register.php resource is copied into the users/member.php document as plain text between tags. Any input is echoed unmodified in the users/member.php response.

Online Blood Donation Management System v1.0 is vulnerable to multiple Store Cross-Site Scripting vulnerabilities. The 'firstName' parameter of the users/register.php resource is copied into the users/member.php document as plain text between tags. Any input is echoed unmodified in the users/member.php response.

Ссылки

EPSS

Процентиль: 26%

0.0009

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2023-44484

CVSS3: 6.1

nvd

больше 2 лет назад

Online Blood Donation Management System v1.0 is vulnerable to a Stored Cross-Site Scripting vulnerability. The 'firstName' parameter of the users/register.php resource is copied into the users/member.php document as plain text between tags. Any input is echoed unmodified in the users/member.php response.

EPSS

Процентиль: 26%

0.0009

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79