Описание
Mobile application "Testes de Codigo" v11.3 and prior allows stored XSS by injecting a payload in the "feedback" message field causing it to be stored in the remote database and leading to its execution on client devices when loading the "feedback list", either by accessing the website directly or using the mobile application.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 11.3 (включая)
cpe:2.3:a:testes-codigo:testes_de_codigo:*:*:*:*:*:*:*:*
EPSS
Процентиль: 53%
0.00298
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
больше 3 лет назад
Mobile application "Testes de Codigo" v11.3 and prior allows stored XSS by injecting a payload in the "feedback" message field causing it to be stored in the remote database and leading to its execution on client devices when loading the "feedback list", either by accessing the website directly or using the mobile application.
EPSS
Процентиль: 53%
0.00298
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79