exploitDog

CVE-2023-33408

Опубликовано: 05 июн. 2023

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

Minical 1.0.0 is vulnerable to Cross Site Scripting (XSS). The vulnerability exists due to insufficient input validation in the application's user input handling in the security_helper.php file.

Ссылки

https://github.com/Thirukrishnan/CVE-2023-33408
Exploit
Third Party Advisory
https://github.com/minical/minical
Product
https://github.com/Thirukrishnan/CVE-2023-33408
Exploit
Third Party Advisory
https://github.com/minical/minical
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:minical:minical:1.0.0:*:*:*:*:*:*:*

EPSS

Процентиль: 44%

0.00214

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-5qpm-vrqv-qcrv

CVSS3: 5.4

github

больше 2 лет назад

Minical 1.0.0 is vulnerable to Cross Site Scripting (XSS). The vulnerability exists due to insufficient input validation in the application's user input handling in the security_helper.php file.

EPSS

Процентиль: 44%

0.00214

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79