exploitDog

CVE-2023-41446

Опубликовано: 28 сент. 2023

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted script to the title parameter in the index.php component.

Ссылки

http://ajaxnewsticker.com
Broken Link
Product
http://phpkobo.com
Product
https://gist.github.com/RNPG/4bb91170f8ee50b395427f26bc96a1f2
Exploit
Third Party Advisory
http://ajaxnewsticker.com
Broken Link
Product
http://phpkobo.com
Product
https://gist.github.com/RNPG/4bb91170f8ee50b395427f26bc96a1f2
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phpkobo:ajaxnewsticker:1.0.5:*:*:*:*:*:*:*

EPSS

Процентиль: 71%

0.00666

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-grfr-9wgw-28v2

CVSS3: 6.1

github

больше 2 лет назад

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted script to the title parameter in the index.php component.

EPSS

Процентиль: 71%

0.00666

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79