Описание
Multiple cross-site scripting (XSS) vulnerabilities in (1) comersus_customerAuthenticateForm.asp, (2) comersus_backoffice_message.asp, (3) comersus_supportError.asp, or (4) comersus_message.asp in Comersus Cart 5.09 allow remote attackers to execute web script as other users via the message parameter.
Ссылки
- ExploitPatch
- ExploitPatch
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:comersus_open_technologies:comersus_cart:5.09:*:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.00726
Низкий
6.8 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Multiple cross-site scripting (XSS) vulnerabilities in (1) comersus_customerAuthenticateForm.asp, (2) comersus_backoffice_message.asp, (3) comersus_supportError.asp, or (4) comersus_message.asp in Comersus Cart 5.09 allow remote attackers to execute web script as other users via the message parameter.
EPSS
Процентиль: 72%
0.00726
Низкий
6.8 Medium
CVSS2
Дефекты
NVD-CWE-Other