exploitDog

GHSA-w7gm-cfx6-4272

Опубликовано: 21 авг. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

Cross-site scripting (XSS) vulnerability in the component /common/reports of Akaunting v3.1.18 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name parameter.

Cross-site scripting (XSS) vulnerability in the component /common/reports of Akaunting v3.1.18 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name parameter.

Ссылки

EPSS

Процентиль: 20%

0.00066

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2025-55522

CVSS3: 6.5

nvd

6 месяцев назад

Cross-site scripting (XSS) vulnerability in the component /common/reports of Akaunting v3.1.18 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name parameter.

EPSS

Процентиль: 20%

0.00066

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-79