exploitDog

CVE-2017-5631

Опубликовано: 01 мая 2017

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Средний

Описание

An issue was discovered in KMCIS CaseAware. Reflected cross site scripting is present in the user parameter (i.e., "usr") that is transmitted in the login.php query string.

Ссылки

https://www.exploit-db.com/exploits/42042/
https://www.openbugbounty.org/incidents/228262/
Exploit
Third Party Advisory
https://www.exploit-db.com/exploits/42042/
https://www.openbugbounty.org/incidents/228262/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:kmc_information_systems:caseaware:-:*:*:*:*:*:*:*

EPSS

Процентиль: 96%

0.2527

Средний

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-27rc-369w-4rpj

CVSS3: 6.1

github

больше 3 лет назад

An issue was discovered in KMCIS CaseAware. Reflected cross site scripting is present in the user parameter (i.e., "usr") that is transmitted in the login.php query string.

EPSS

Процентиль: 96%

0.2527

Средний

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79