Описание
Simple CMS 2.1 contains a non-persistent cross-site scripting vulnerability in the preview.php file's id parameter. Attackers can inject malicious script code through a GET request to execute arbitrary scripts and potentially hijack user sessions or perform phishing attacks.
EPSS
Процентиль: 12%
0.00039
Низкий
6.4 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.4
github
6 дней назад
Simple CMS 2.1 contains a non-persistent cross-site scripting vulnerability in the preview.php file's id parameter. Attackers can inject malicious script code through a GET request to execute arbitrary scripts and potentially hijack user sessions or perform phishing attacks.
EPSS
Процентиль: 12%
0.00039
Низкий
6.4 Medium
CVSS3
Дефекты
CWE-79