CVE-2020-36553

Опубликовано: 15 июл. 2022

Источник: nvd

CVSS3: 5.4

CVSS2: 3.5

EPSS Низкий

Описание

Cross Site Scripting (XSS) vulnerability in sourcecodester Multi Restaurant Table Reservation System 1.0 via the Area(food_type) field to /dashboard/menu-list.php.

Ссылки

https://github.com/yunaranyancat/poc-dump/tree/main/MultiRestaurantReservationSystem/1.0
Exploit
Third Party Advisory
https://packetstormsecurity.com/files/159786/Multi-Restaurant-Table-Reservation-System-1.0-Cross-Site-Scripting.html
Exploit
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/49135
Exploit
Third Party Advisory
VDB Entry
https://www.sourcecodester.com/php/14568/multi-restaurant-table-reservation-system-php-full-source-code.html
Product
https://github.com/yunaranyancat/poc-dump/tree/main/MultiRestaurantReservationSystem/1.0
Exploit
Third Party Advisory
https://packetstormsecurity.com/files/159786/Multi-Restaurant-Table-Reservation-System-1.0-Cross-Site-Scripting.html
Exploit
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/49135
Exploit
Third Party Advisory
VDB Entry
https://www.sourcecodester.com/php/14568/multi-restaurant-table-reservation-system-php-full-source-code.html
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:multi_restaurant_table_reservation_system_project:multi_restaurant_table_reservation_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 58%

0.00361

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-mwm4-5h3f-7f59