exploitDog

CVE-2024-26019

Опубликовано: 11 апр. 2024

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

Ninja Forms prior to 3.8.1 contains a cross-site scripting vulnerability in submit processing. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessing to the website using the product.

Ссылки

https://jvn.jp/en/jp/JVN50361500/
Third Party Advisory
https://ninjaforms.com/
Product
https://wordpress.org/plugins/ninja-forms/
Product
https://jvn.jp/en/jp/JVN50361500/
Third Party Advisory
https://ninjaforms.com/
Product
https://wordpress.org/plugins/ninja-forms/
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*

Версия до 3.8.1 (исключая)

EPSS

Процентиль: 58%

0.00361

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-p5g2-89mm-prg6

CVSS3: 5.4

github

почти 2 года назад

Ninja Forms prior to 3.8.1 contains a cross-site scripting vulnerability in submit processing. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessing to the website using the product.

EPSS

Процентиль: 58%

0.00361

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79