exploitDog

GHSA-v727-f8xf-p82m

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Akaunting v1.3.17 was discovered to contain a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Company Name input field.

Akaunting v1.3.17 was discovered to contain a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Company Name input field.

Ссылки

EPSS

Процентиль: 51%

0.00281

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2020-20908

CVSS3: 5.4

nvd

больше 4 лет назад

Akaunting v1.3.17 was discovered to contain a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Company Name input field.

EPSS

Процентиль: 51%

0.00281

Низкий

CVE ID

Дефекты

CWE-79