Описание
Cross Site Scripting (XSS) vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php.
Ссылки
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:wdja:wdja_cms:1.5.1:*:*:*:*:*:*:*
EPSS
Процентиль: 97%
0.31953
Средний
9.6 Critical
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
больше 3 лет назад
Cross Site Scripting (XSS) vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php.
EPSS
Процентиль: 97%
0.31953
Средний
9.6 Critical
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-79