Описание
Complete Online Job Search System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the CATEGORY parameter at /category/controller.php?action=edit.
Ссылки
- https://github.com/xysasa/bug_report/blob/main/vendors/campcodes.com/online-job-search-system/XSS.mdExploitThird Party Advisory
- https://github.com/xysasa/bug_report/blob/main/vendors/campcodes.com/online-job-search-system/XSS.mdExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:complete_online_job_search_system_project:complete_online_job_search_system:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.00257
Низкий
4.8 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 4.8
github
больше 3 лет назад
Complete Online Job Search System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the CATEGORY parameter at /category/controller.php?action=edit.
EPSS
Процентиль: 49%
0.00257
Низкий
4.8 Medium
CVSS3
Дефекты
CWE-79