Описание
Reflected cross-site scripting in the StudentSearch component in IDAttend’s IDWeb application 3.1.052 and earlier allows hijacking of a user’s browsing session by attackers who have convinced the said user to click on a malicious link.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.1.053 (исключая)
cpe:2.3:a:idattend:idweb:*:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.00256
Низкий
7.5 High
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 7.5
github
больше 2 лет назад
Reflected cross-site scripting in the StudentSearch component in IDAttend’s IDWeb application 3.1.052 and earlier allows hijacking of a user’s browsing session by attackers who have convinced the said user to click on a malicious link.
EPSS
Процентиль: 49%
0.00256
Низкий
7.5 High
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79