Описание
Cross-site scripting (XSS) vulnerability in comersus_searchItem.asp in Comersus 3.90 to 4.51 allows remote attackers to inject arbitrary web script or HTML via the curPage parameter.
Ссылки
- ExploitVendor Advisory
- Exploit
- ExploitPatch
- ExploitVendor Advisory
- Exploit
- ExploitPatch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:comersus_open_technologies:comersus_cart:3.90:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_cart:4.00:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_cart:4.14:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_cart:4.20b:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_cart:4.23:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_cart:4.27:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_cart:4.28:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_cart:4.29:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_cart:4.36:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_cart:4.47:*:*:*:*:*:*:*
cpe:2.3:a:comersus_open_technologies:comersus_cart:4.051:*:*:*:*:*:*:*
EPSS
Процентиль: 74%
0.00834
Низкий
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Cross-site scripting (XSS) vulnerability in comersus_searchItem.asp in Comersus 3.90 to 4.51 allows remote attackers to inject arbitrary web script or HTML via the curPage parameter.
EPSS
Процентиль: 74%
0.00834
Низкий
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other