Описание
A vulnerability classified as problematic has been found in SourceCodester Employee Management System 1.0. This affects an unknown part of the file edit-profile.php. The manipulation of the argument fullname/phone/date of birth/address/date of appointment leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-252279.
Ссылки
- ExploitMitigationThird Party Advisory
- ExploitMitigationThird Party Advisory
- Permissions Required
- Third Party Advisory
- ExploitMitigationThird Party Advisory
- ExploitMitigationThird Party Advisory
- Permissions Required
- Third Party Advisory
Уязвимые конфигурации
EPSS
3.5 Low
CVSS3
5.4 Medium
CVSS3
4 Medium
CVSS2
Дефекты
Связанные уязвимости
A vulnerability classified as problematic has been found in SourceCodester Employee Management System 1.0. This affects an unknown part of the file edit-profile.php. The manipulation of the argument fullname/phone/date of birth/address/date of appointment leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-252279.
EPSS
3.5 Low
CVSS3
5.4 Medium
CVSS3
4 Medium
CVSS2