Описание
Thirty Bees Core v1.4.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the backup_pagination parameter at /controller/AdminController.php. This vulnerability allows attackers to execute arbitrary JavaScript in the web browser of a user via a crafted payload.
Ссылки
- Patch
- Third Party Advisory
- Patch
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:thirtybees:thirty_bees:1.4.0:*:*:*:*:*:*:*
EPSS
Процентиль: 26%
0.0009
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
больше 2 лет назад
Thirty Bees Core v1.4.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the backup_pagination parameter at /controller/AdminController.php. This vulnerability allows attackers to execute arbitrary JavaScript in the web browser of a user via a crafted payload.
EPSS
Процентиль: 26%
0.0009
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79