exploitDog

CVE-2021-43689

Опубликовано: 01 дек. 2021

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

manage (last update Oct 24, 2017) is affected by a Cross Site Scripting (XSS) vulnerability in Application/Home/Controller/GoodsController.class.php. The exit function will terminate the script and print a message which have values from $_POST.

Ссылки

https://github.com/yicenburan/manage/issues/2
Exploit
Issue Tracking
Third Party Advisory
https://github.com/yicenburan/manage/issues/2
Exploit
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:manage_project:manage:-:*:*:*:*:*:*:*

EPSS

Процентиль: 45%

0.00223

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-9qr5-88v5-9335

github

около 4 лет назад

manage (last update Oct 24, 2017) is affected by is affected by a Cross Site Scripting (XSS) vulnerability in Application/Home/Controller/GoodsController.class.php. The exit function will terminate the script and print a message which have values from $_POST.

EPSS

Процентиль: 45%

0.00223

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79