exploitDog

GHSA-rcp7-vx52-hr5r

Опубликовано: 15 фев. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

Reflected Cross Site Scripting in Search Functionality of Module Library in Pandora FMS Console v766 and lower. This vulnerability arises on the forget password functionality in which parameter username does not proper input validation/sanitization thus results in executing malicious JavaScript payload.

Reflected Cross Site Scripting in Search Functionality of Module Library in Pandora FMS Console v766 and lower. This vulnerability arises on the forget password functionality in which parameter username does not proper input validation/sanitization thus results in executing malicious JavaScript payload.

Ссылки

EPSS

Процентиль: 52%

0.00285

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-47373

CVSS3: 6.4

ubuntu

почти 3 года назад

Reflected Cross Site Scripting in Search Functionality of Module Library in Pandora FMS Console v766 and lower. This vulnerability arises on the forget password functionality in which parameter username does not proper input validation/sanitization thus results in executing malicious JavaScript payload.

CVE-2022-47373

CVSS3: 6.4

nvd

почти 3 года назад

Reflected Cross Site Scripting in Search Functionality of Module Library in Pandora FMS Console v766 and lower. This vulnerability arises on the forget password functionality in which parameter username does not proper input validation/sanitization thus results in executing malicious JavaScript payload.

EPSS

Процентиль: 52%

0.00285

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79