Описание
PHP Melody 3.0 contains a persistent cross-site scripting vulnerability in the video editor that allows privileged users to inject malicious scripts. Attackers can exploit the WYSIWYG editor to execute persistent scripts, potentially leading to session hijacking and application manipulation.
Ссылки
EPSS
Процентиль: 10%
0.00034
Низкий
6.4 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.4
github
7 дней назад
PHP Melody 3.0 contains a persistent cross-site scripting vulnerability in the video editor that allows privileged users to inject malicious scripts. Attackers can exploit the WYSIWYG editor to execute persistent scripts, potentially leading to session hijacking and application manipulation.
EPSS
Процентиль: 10%
0.00034
Низкий
6.4 Medium
CVSS3
Дефекты
CWE-79