exploitDog

GHSA-r4p4-4c25-8hph

Опубликовано: 01 мар. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

A stored cross-site scripting (XSS) vulnerability in Ice Hrm 30.0.0.OS allows attackers to steal cookies via a crafted payload inserted into the First Name field.

A stored cross-site scripting (XSS) vulnerability in Ice Hrm 30.0.0.OS allows attackers to steal cookies via a crafted payload inserted into the First Name field.

Ссылки

EPSS

Процентиль: 43%

0.00207

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-25015

CVSS3: 5.4

nvd

почти 4 года назад

A stored cross-site scripting (XSS) vulnerability in Ice Hrm 30.0.0.OS allows attackers to steal cookies via a crafted payload inserted into the First Name field.

EPSS

Процентиль: 43%

0.00207

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79