exploitDog

CVE-2022-28354

Опубликовано: 24 апр. 2023

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

In the Active Threads Plugin 1.3.0 for MyBB, the activethreads.php date parameter is vulnerable to XSS when setting a time period.

Ссылки

http://packetstormsecurity.com/files/171402/MyBB-Active-Threads-1.3.0-Cross-Site-Scripting.html
Exploit
Third Party Advisory
VDB Entry
https://community.mybb.com/mods.php?action=view&pid=1336
Product
http://packetstormsecurity.com/files/171402/MyBB-Active-Threads-1.3.0-Cross-Site-Scripting.html
Exploit
Third Party Advisory
VDB Entry
https://community.mybb.com/mods.php?action=view&pid=1336
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mybb:active_threads:1.3.0:*:*:*:*:*:*:*

EPSS

Процентиль: 27%

0.00095

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-6hqf-qj93-6727

CVSS3: 6.1

github

почти 3 года назад

In the Active Threads Plugin 1.3.0 for MyBB, the activethreads.php date parameter is vulnerable to XSS when setting a time period.

EPSS

Процентиль: 27%

0.00095

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79