exploitDog

CVE-2021-43432

Опубликовано: 07 апр. 2022

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

A Cross Site Scripting (XSS) vulnerability exists in Exrick XMall Admin Panel as of 11/7/2021 via the GET parameter in product-add.jsp.

Ссылки

http://exrick.com
Not Applicable
URL Repurposed
https://github.com/Exrick/xmall
Third Party Advisory
https://github.com/Exrick/xmall/blob/b146cceb21ca42d4237f31dbd7af5ced49048a56/xmall-manager-web/src/main/webapp/WEB-INF/jsp/product-add.jsp#L38
Patch
Third Party Advisory
https://github.com/Exrick/xmall/blob/b146cceb21ca42d4237f31dbd7af5ced49048a56/xmall-manager-web/src/main/webapp/WEB-INF/jsp/product-add.jsp#L4
Patch
Third Party Advisory
http://exrick.com
Not Applicable
URL Repurposed
https://github.com/Exrick/xmall
Third Party Advisory
https://github.com/Exrick/xmall/blob/b146cceb21ca42d4237f31dbd7af5ced49048a56/xmall-manager-web/src/main/webapp/WEB-INF/jsp/product-add.jsp#L38
Patch
Third Party Advisory
https://github.com/Exrick/xmall/blob/b146cceb21ca42d4237f31dbd7af5ced49048a56/xmall-manager-web/src/main/webapp/WEB-INF/jsp/product-add.jsp#L4
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:exrick:xmall:*:*:*:*:*:*:*:*

Версия до 2021-11-07 (включая)

EPSS

Процентиль: 54%

0.00308

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-hx46-gcq8-4c72

CVSS3: 6.1

github

почти 4 года назад

A Cross Site Scripting (XSS) vulnerability exists in Exrick XMall Admin Panel as of 11/7/2021 via the GET parameter in product-add.jsp.

EPSS

Процентиль: 54%

0.00308

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79