Описание
A stored cross site scripting (XSS) vulnerability in the 'Pages' feature of Codoforum v5.0.2 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payload entered into the 'Page Title' parameter.
Ссылки
- Product
- ExploitIssue TrackingThird Party Advisory
- Product
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:codologic:codoforum:5.0.2:*:*:*:*:*:*:*
EPSS
Процентиль: 52%
0.00287
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
больше 3 лет назад
A stored cross site scripting (XSS) vulnerability in the 'Pages' feature of Codoforum v5.0.2 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payload entered into the 'Page Title' parameter.
EPSS
Процентиль: 52%
0.00287
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79