Описание
Multiple cross-site scripting (XSS) vulnerabilities in guestbook.php in Fantastic Guestbook 2.0.1, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the (1) first_name, (2) last_name, or (3) nickname parameters.
Ссылки
- Broken LinkExploitVendor Advisory
- Broken LinkExploitVendor Advisory
- Broken Link
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkExploitThird Party AdvisoryVDB Entry
- Broken Link
- Third Party AdvisoryVDB Entry
- Broken LinkExploitVendor Advisory
- Broken LinkExploitVendor Advisory
- Broken Link
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkExploitThird Party AdvisoryVDB Entry
- Broken Link
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:fantastic_guestbook_project:fantastic_guestbook:2.0.1:*:*:*:*:*:*:*
EPSS
Процентиль: 74%
0.00845
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
почти 4 года назад
Multiple cross-site scripting (XSS) vulnerabilities in guestbook.php in Fantastic Guestbook 2.0.1, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the (1) first_name, (2) last_name, or (3) nickname parameters.
EPSS
Процентиль: 74%
0.00845
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79