Описание
Doctor's Appointment System 1.0 is vulnerable to Cross Site Scripting (XSS) via the admin panel. In addition, it leads to takeover the administrator account by stealing the cookie via XSS.
Ссылки
- http://packetstormsecurity.com/files/168211/Doctors-Appointment-System-1.0-Cross-Site-Scripting.htmlExploitThird Party AdvisoryVDB Entry
- Third Party Advisory
- Product
- http://packetstormsecurity.com/files/168211/Doctors-Appointment-System-1.0-Cross-Site-Scripting.htmlExploitThird Party AdvisoryVDB Entry
- Third Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:doctor\'s_appointment_system_project:doctor\'s_appointment_system:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 62%
0.00424
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
больше 3 лет назад
Doctor's Appointment System 1.0 is vulnerable to Cross Site Scripting (XSS) via the admin panel. In addition, it leads to takeover the administrator account by stealing the cookie via XSS.
EPSS
Процентиль: 62%
0.00424
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79