exploitDog

GHSA-r64g-q6gj-fmfr

Опубликовано: 01 сент. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

Doctor's Appointment System 1.0 is vulnerable to Cross Site Scripting (XSS) via the admin panel. In addition, it leads to takeover the administrator account by stealing the cookie via XSS.

Doctor's Appointment System 1.0 is vulnerable to Cross Site Scripting (XSS) via the admin panel. In addition, it leads to takeover the administrator account by stealing the cookie via XSS.

Ссылки

EPSS

Процентиль: 62%

0.00424

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-36203

CVSS3: 6.1

nvd

больше 3 лет назад

Doctor's Appointment System 1.0 is vulnerable to Cross Site Scripting (XSS) via the admin panel. In addition, it leads to takeover the administrator account by stealing the cookie via XSS.

EPSS

Процентиль: 62%

0.00424

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79