exploitDog

CVE-2023-50566

Опубликовано: 14 дек. 2023

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

A stored cross-site scripting (XSS) vulnerability in EyouCMS-V1.6.5-UTF8-SP1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Public Security Registration Number parameter.

Ссылки

https://github.com/weng-xianhu/eyoucms/issues/56
Exploit
Issue Tracking
Third Party Advisory
https://github.com/weng-xianhu/eyoucms/issues/56
Exploit
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:eyoucms:eyoucms:1.6.5-utf8-sp1:*:*:*:*:*:*:*

EPSS

Процентиль: 40%

0.00183

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-p25g-chfp-cx26

CVSS3: 5.4

github

около 2 лет назад

A stored cross-site scripting (XSS) vulnerability in EyouCMS-V1.6.5-UTF8-SP1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Public Security Registration Number parameter.

EPSS

Процентиль: 40%

0.00183

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79