exploitDog

CVE-2021-26832

Опубликовано: 14 апр. 2021

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

Cross Site Scripting (XSS) in the "Reset Password" page form of Priority Enterprise Management System v8.00 allows attackers to execute javascript on behalf of the victim by sending a malicious URL or directing the victim to a malicious site.

Ссылки

https://github.com/NagliNagli/CVE-2021-26832
Third Party Advisory
https://github.com/NagliNagli/CVE-2021-26832
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:priority-software:priority_enterprise_management_system:8.00:*:*:*:*:*:*:*

EPSS

Процентиль: 43%

0.0021

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-r2vv-jg8m-cm43

github

больше 3 лет назад

Cross Site Scripting (XSS) in the "Reset Password" page form of Priority Enterprise Management System v8.00 allows attackers to execute javascript on behalf of the victim by sending a malicious URL or directing the victim to a malicious site.

EPSS

Процентиль: 43%

0.0021

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79