CVE-2023-37630

Опубликовано: 12 июл. 2023

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

Online Piggery Management System 1.0 is vulnerable to Cross Site Scripting (XSS). An unauthenticated user can POST JavaScript code to "manage-breed.php" resulting in Persistent XSS.

Ссылки

https://github.com/1337kid/Piggery_CMS_multiple_vulns_PoC/tree/main/CVE-2023-37630
Exploit
Third Party Advisory
https://www.sourcecodester.com/php/11814/online-pig-management-system-basic-free-version.html
Product
https://github.com/1337kid/Piggery_CMS_multiple_vulns_PoC/tree/main/CVE-2023-37630
Exploit
Third Party Advisory
https://www.sourcecodester.com/php/11814/online-pig-management-system-basic-free-version.html
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:simple_online_piggery_management_system_project:simple_online_piggery_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 67%

0.00549

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-rv26-vmp7-v6v2