CVE-2023-40277

Опубликовано: 19 мар. 2024

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

An issue was discovered in OpenClinic GA 5.247.01. A Reflected Cross-Site Scripting (XSS) vulnerability has been discovered in the login.jsp message parameter.

Ссылки

https://github.com/BugBountyHunterCVE/CVE-2023-40277/blob/main/CVE-2023-40277_Reflected-XSS_OpenClinic-GA_5.247.01_Report.md
Exploit
Third Party Advisory
https://sourceforge.net/projects/open-clinic/
Product
https://github.com/BugBountyHunterCVE/CVE-2023-40277/blob/main/CVE-2023-40277_Reflected-XSS_OpenClinic-GA_5.247.01_Report.md
Exploit
Third Party Advisory
https://sourceforge.net/projects/open-clinic/
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:openclinic_ga_project:openclinic_ga:5.247.01:*:*:*:*:*:*:*

EPSS

Процентиль: 53%

0.00299

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-5c5r-q26r-g9rw