Описание
JLex GuestBook 1.6.4 contains a reflected cross-site scripting vulnerability in the 'q' URL parameter that allows attackers to inject malicious scripts. Attackers can craft malicious links with XSS payloads to steal session tokens or execute arbitrary JavaScript in victims' browsers.
EPSS
Процентиль: 20%
0.00064
Низкий
Дефекты
CWE-79
Связанные уязвимости
github
около 2 месяцев назад
JLex GuestBook 1.6.4 contains a reflected cross-site scripting vulnerability in the 'q' URL parameter that allows attackers to inject malicious scripts. Attackers can craft malicious links with XSS payloads to steal session tokens or execute arbitrary JavaScript in victims' browsers.
EPSS
Процентиль: 20%
0.00064
Низкий
Дефекты
CWE-79