Описание
Cross-site scripting (XSS) vulnerability in the SupportEzzy Ticket System plugin 1.2.5 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the "URL (optional)" field in a new ticket.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:supportezzy_ticket_system_project:supportezzy_ticket_system:1.2.5:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 49%
0.00255
Низкий
4 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
больше 3 лет назад
Cross-site scripting (XSS) vulnerability in the SupportEzzy Ticket System plugin 1.2.5 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the "URL (optional)" field in a new ticket.
EPSS
Процентиль: 49%
0.00255
Низкий
4 Medium
CVSS2
Дефекты
CWE-79