Описание
JTBC(PHP) 3.0.1.7 has CSRF via the console/xml/manage.php?type=action&action=edit URI, as demonstrated by an XSS payload in the content parameter.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:jtbc:jtbc_php:3.0.1.7:*:*:*:*:*:*:*
EPSS
Процентиль: 35%
0.00146
Низкий
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
JTBC(PHP) 3.0.1.7 has CSRF via the console/xml/manage.php?type=action&action=edit URI, as demonstrated by an XSS payload in the content parameter.
EPSS
Процентиль: 35%
0.00146
Низкий
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-79