Описание
Cross-site scripting (XSS) vulnerability in index.php in Warcraft III Replay Parser for PHP 1.8c allows remote attackers to inject arbitrary web script or HTML via the page parameter. NOTE: post-disclosure analysis by CVE suggests that the "page" parameter is not used in this product, and "id" might be the affected parameter.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:juliusz_julas_gonera:warcraft_iii_replay_parser_php:1.8c:*:*:*:*:*:*:*
EPSS
Процентиль: 56%
0.00335
Низкий
5.8 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Cross-site scripting (XSS) vulnerability in index.php in Warcraft III Replay Parser for PHP 1.8c allows remote attackers to inject arbitrary web script or HTML via the page parameter. NOTE: post-disclosure analysis by CVE suggests that the "page" parameter is not used in this product, and "id" might be the affected parameter.
EPSS
Процентиль: 56%
0.00335
Низкий
5.8 Medium
CVSS2
Дефекты
NVD-CWE-Other