Описание
Online Inventory Manager 3.2 contains a stored cross-site scripting vulnerability in the group description field of the admin edit groups section. Attackers can inject malicious JavaScript through the description field that will execute when the groups page is viewed, allowing potential cookie theft and client-side script execution.
EPSS
Процентиль: 12%
0.00042
Низкий
6.4 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.4
github
4 дня назад
Online Inventory Manager 3.2 contains a stored cross-site scripting vulnerability in the group description field of the admin edit groups section. Attackers can inject malicious JavaScript through the description field that will execute when the groups page is viewed, allowing potential cookie theft and client-side script execution.
EPSS
Процентиль: 12%
0.00042
Низкий
6.4 Medium
CVSS3
Дефекты
CWE-79