exploitDog

CVE-2018-12652

Опубликовано: 25 мар. 2019

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the LeaveEmployeeSearch.aspx prntFrmName or prntDDLCntrlName parameter.

Ссылки

https://www.knowcybersec.com/2019/02/CVE-2018-12652-reflected-XSS.html
Exploit
Third Party Advisory
https://www.knowcybersec.com/2019/02/CVE-2018-12652-reflected-XSS.html
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:myadrenalin:adrenalin:5.4.0:*:*:*:*:*:*:*

EPSS

Процентиль: 47%

0.0024

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-968f-qp4p-229q

CVSS3: 6.1

github

больше 3 лет назад

A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the LeaveEmployeeSearch.aspx prntFrmName or prntDDLCntrlName parameter.

EPSS

Процентиль: 47%

0.0024

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79