Описание
Multiple stored cross site scripting (XSS) vulnerabilities in the "Register" module of House Rental and Property Listing 1.0 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payloads in all text fields except for Phone Number and Alternate Phone Number.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- Product
- https://www.sourcecodester.com/php/14649/house-rental-and-property-listing-php-full-source-code.htmlProduct
- ExploitThird Party AdvisoryVDB Entry
- Product
- https://www.sourcecodester.com/php/14649/house-rental-and-property-listing-php-full-source-code.htmlProduct
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:house_rental_and_property_listing_php_project:house_rental_and_property_listing_php:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 51%
0.00281
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
больше 3 лет назад
Multiple stored cross site scripting (XSS) vulnerabilities in the "Register" module of House Rental and Property Listing 1.0 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payloads in all text fields except for Phone Number and Alternate Phone Number.
EPSS
Процентиль: 51%
0.00281
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79