exploitDog

GHSA-wc36-xcjr-fj7g

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Multiple cross-site scripting (XSS) vulnerabilities in register.php in Andy's PHP Knowledgebase (Aphpkb) before 0.95.8 allow remote attackers to inject arbitrary web script or HTML via the (1) first_name, (2) last_name, (3) email, or (4) username parameter.

Multiple cross-site scripting (XSS) vulnerabilities in register.php in Andy's PHP Knowledgebase (Aphpkb) before 0.95.8 allow remote attackers to inject arbitrary web script or HTML via the (1) first_name, (2) last_name, (3) email, or (4) username parameter.

Ссылки

EPSS

Процентиль: 54%

0.00309

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2013-7289

nvd

около 12 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in register.php in Andy's PHP Knowledgebase (Aphpkb) before 0.95.8 allow remote attackers to inject arbitrary web script or HTML via the (1) first_name, (2) last_name, (3) email, or (4) username parameter.

EPSS

Процентиль: 54%

0.00309

Низкий

CVE ID

Дефекты

CWE-79