Описание
A reflected cross-site scripting (XSS) vulnerability in OpenKnowledgeMaps Head Start 7 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'file' parameter in 'displayPDF.php'.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:openknowledgemaps:head_start:7:*:*:*:*:*:*:*
EPSS
Процентиль: 29%
0.00106
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
больше 2 лет назад
A reflected cross-site scripting (XSS) vulnerability in OpenKnowledgeMaps Head Start 7 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'file' parameter in 'displayPDF.php'.
EPSS
Процентиль: 29%
0.00106
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79