Описание
PodcastGenerator 3.2.9 contains a stored cross-site scripting vulnerability in the Freebox content field accessible through the theme customization interface (theme_freebox.php). Malicious JavaScript payloads injected into the Freebox content execute when users visit the application's home page.
EPSS
Процентиль: 8%
0.00029
Низкий
4.6 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 4.6
github
2 дня назад
PodcastGenerator 3.2.9 contains a stored cross-site scripting vulnerability in the Freebox content field accessible through the theme customization interface (theme_freebox.php). Malicious JavaScript payloads injected into the Freebox content execute when users visit the application's home page.
EPSS
Процентиль: 8%
0.00029
Низкий
4.6 Medium
CVSS3
Дефекты
CWE-79