Описание
Cross-site scripting (XSS) vulnerability in comments/videowhisper2/r_logout.php in the Video Comments Webcam Recorder plugin 1.55, as downloaded before 20140116 for WordPress allows remote attackers to inject arbitrary web script or HTML via the message parameter.
Ссылки
- ExploitThird Party Advisory
- Patch
- ExploitThird Party Advisory
- Patch
Уязвимые конфигурации
Конфигурация 1Версия до 1.55 (включая)
cpe:2.3:a:videowhisper:video_comments_webcam_recorder:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 44%
0.00221
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
больше 3 лет назад
Cross-site scripting (XSS) vulnerability in comments/videowhisper2/r_logout.php in the Video Comments Webcam Recorder plugin 1.55, as downloaded before 20140116 for WordPress allows remote attackers to inject arbitrary web script or HTML via the message parameter.
EPSS
Процентиль: 44%
0.00221
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79