exploitDog

CVE-2022-45285

Опубликовано: 13 фев. 2023

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

Vsourz Digital Advanced Contact form 7 DB Versions 1.7.2 and 1.9.1 is vulnerable to Cross Site Scripting (XSS).

Ссылки

https://github.com/IthacaLabs/Vsourz-Digital/blob/main/AdvancedContactForm_CF7_DB_XSS/
Exploit
Third Party Advisory
https://github.com/IthacaLabs/Vsourz-Digital/blob/main/AdvancedContactForm_CF7_DB_XSS/AdvancedContactForm_CF7_DB_XSS.txt
Exploit
Third Party Advisory
https://github.com/IthacaLabs/Vsourz-Digital/blob/main/AdvancedContactForm_CF7_DB_XSS/
Exploit
Third Party Advisory
https://github.com/IthacaLabs/Vsourz-Digital/blob/main/AdvancedContactForm_CF7_DB_XSS/AdvancedContactForm_CF7_DB_XSS.txt
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:vsourz:advanced_cf7_db:1.7.2:*:*:*:*:wordpress:*:*

cpe:2.3:a:vsourz:advanced_cf7_db:1.9.1:*:*:*:*:wordpress:*:*

EPSS

Процентиль: 32%

0.00124

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-249j-wgjq-35gx

CVSS3: 6.1

github

почти 3 года назад

Vsourz Digital Advanced Contact form 7 DB Versions 1.7.2 and 1.9.1 is vulnerable to Cross Site Scripting (XSS).

EPSS

Процентиль: 32%

0.00124

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79