CVE-2022-40435

Опубликовано: 19 дек. 2022

Источник: nvd

CVSS3: 4.8

EPSS Низкий

Описание

Employee Performance Evaluation System v1.0 was discovered to contain a persistent cross-site scripting (XSS) vulnerability via adding new entries under the Departments and Designations module.

Ссылки

http://employee.com
Not Applicable
https://isaghojaria.medium.com/employee-performance-evaluation-system-v1-0-fdf7eb5eaf92
Exploit
Third Party Advisory
https://www.sourcecodester.com
Third Party Advisory
http://employee.com
Not Applicable
https://isaghojaria.medium.com/employee-performance-evaluation-system-v1-0-fdf7eb5eaf92
Exploit
Third Party Advisory
https://www.sourcecodester.com
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:employee_performance_evaluation_system_project:employee_performance_evaluation_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 63%

0.0044

Низкий

4.8 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-8m5m-rfm8-x8v8