exploitDog

CVE-2023-43944

Опубликовано: 29 сент. 2023

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

A Stored Cross Site Scripting (XSS) vulnerability was found in SourceCodester Task Management System 1.0. It allows attackers to execute arbitrary code via parameter field in index.php?page=project_list.

Ссылки

https://purring-climb-52a.notion.site/Reflected-Cross-site-scripting-b6fd50b94b464313847bb52d4049154f?pvs=4
Exploit
Third Party Advisory
https://purring-climb-52a.notion.site/Reflected-Cross-site-scripting-b6fd50b94b464313847bb52d4049154f?pvs=4
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:oretnom23:task_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 25%

0.00086

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-53hq-8r26-rvgm

CVSS3: 5.4

github

больше 2 лет назад

A Stored Cross Site Scripting (XSS) vulnerability was found in SourceCodester Task Management System 1.0. It allows attackers to execute arbitrary code via parameter field in index.php?page=project_list.

EPSS

Процентиль: 25%

0.00086

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79