Описание
Cross Site Scripting vulnerability in timetec AWDMS v.2.0 allows an attacker to obtain sensitive information via a crafted payload to the remark parameter of the New Zone function.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:timeteccloud:auto_web-based_database_management_system:2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 39%
0.00176
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 5.4
github
около 2 лет назад
Cross Site Scripting vulnerability in timetec AWDMS v.2.0 allows an attacker to obtain sensitive information via a crafted payload to the remark parameter of the New Zone function.
EPSS
Процентиль: 39%
0.00176
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79