exploitDog

GHSA-v7cq-82w7-gpxq

Опубликовано: 07 мар. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 4.7

Описание

Cross Site Scripting (XSS) vulnerability in the feedback form of Online Flight Booking Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the airline parameter.

Cross Site Scripting (XSS) vulnerability in the feedback form of Online Flight Booking Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the airline parameter.

Ссылки

EPSS

Процентиль: 37%

0.00154

Низкий

4.7 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2022-46091

CVSS3: 4.7

nvd

почти 2 года назад

Cross Site Scripting (XSS) vulnerability in the feedback form of Online Flight Booking Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the airline parameter.

EPSS

Процентиль: 37%

0.00154

Низкий

4.7 Medium

CVSS3

CVE ID

Дефекты

CWE-79