Описание
Cross-site scripting (XSS) vulnerability in (1) index.asp, (2) ChangePassword.asp, (3) users_list.asp, (4) and users_add.asp in Password Protect allows remote attackers to inject arbitrary web script or HTML via the ShowMsg parameter.
Ссылки
- ExploitVendor Advisory
- ExploitVendor AdvisoryURL Repurposed
- ExploitVendor Advisory
- ExploitVendor Advisory
- ExploitVendor AdvisoryURL Repurposed
- ExploitVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:web_animations:password_protect:*:*:*:*:*:*:*:*
EPSS
Процентиль: 68%
0.00565
Низкий
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Cross-site scripting (XSS) vulnerability in (1) index.asp, (2) ChangePassword.asp, (3) users_list.asp, (4) and users_add.asp in Password Protect allows remote attackers to inject arbitrary web script or HTML via the ShowMsg parameter.
EPSS
Процентиль: 68%
0.00565
Низкий
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other