exploitDog

CVE-2020-29231

Опубликовано: 30 дек. 2020

Источник: nvd

CVSS3: 5.4

CVSS2: 3.5

EPSS Низкий

Описание

EGavilanMedia User Registration and Login System With Admin Panel 1.0 is affected by cross-site scripting (XSS) in the Admin Profile Page. This vulnerability can result in the attacker injecting the XSS payload in Admin Full Name and each time admin visits the Profile page from the admin panel, the XSS triggers.

Ссылки

http://egavilanmedia.com
Vendor Advisory
https://github.com/hemantsolo/CVE-Reference/blob/main/CVE-2020-29231.md
Exploit
Third Party Advisory
http://egavilanmedia.com
Vendor Advisory
https://github.com/hemantsolo/CVE-Reference/blob/main/CVE-2020-29231.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:egavilanmedia:user_registration_and_login_system_with_admin_panel:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 67%

0.00527

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-2xc3-3457-6965

github

больше 3 лет назад

EGavilanMedia User Registration and Login System With Admin Panel 1.0 is affected by cross-site scripting (XSS) in the Admin Profile Page. This vulnerability can result in the attacker injecting the XSS payload in Admin Full Name and each time admin visits the Profile page from the admin panel, the XSS triggers.

EPSS

Процентиль: 67%

0.00527

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79