exploitDog

CVE-2022-43487

Опубликовано: 05 дек. 2022

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

Cross-site scripting vulnerability in Salon booking system versions prior to 7.9 allows a remote unauthenticated attacker to inject an arbitrary script.

Ссылки

https://jvn.jp/en/jp/JVN59663854/index.html
Third Party Advisory
https://wordpress.org/plugins/salon-booking-system/
Product
https://www.salonbookingsystem.com/
Product
Vendor Advisory
https://jvn.jp/en/jp/JVN59663854/index.html
Third Party Advisory
https://wordpress.org/plugins/salon-booking-system/
Product
https://www.salonbookingsystem.com/
Product
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:salonbookingsystem:salon_booking_system:*:*:*:*:*:wordpress:*:*

Версия до 7.9 (исключая)

EPSS

Процентиль: 83%

0.0195

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-v7x7-wh72-mxcc

CVSS3: 6.1

github

около 3 лет назад

Cross-site scripting vulnerability in Salon booking system versions prior to 7.9 allows a remote unauthenticated attacker to inject an arbitrary script.

EPSS

Процентиль: 83%

0.0195

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79