exploitDog

GHSA-xr5v-6j2h-c7g8

Опубликовано: 11 апр. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 6.4

Описание

W. W. Norton InQuizitive through 2025-04-08 allows students to conduct stored XSS attacks against educators via a bonus description, feedback.choice_fb[], or question_id.

W. W. Norton InQuizitive through 2025-04-08 allows students to conduct stored XSS attacks against educators via a bonus description, feedback.choice_fb[], or question_id.

Ссылки

EPSS

Процентиль: 34%

0.0014

Низкий

6.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2025-32809

CVSS3: 6.4

nvd

10 месяцев назад

W. W. Norton InQuizitive through 2025-04-08 allows students to conduct stored XSS attacks against educators via a bonus description, feedback.choice_fb[], or question_id.

EPSS

Процентиль: 34%

0.0014

Низкий

6.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79