Описание
FlatPress v1.3 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScript code into the "Add New Entry" section, which allows them to execute arbitrary code in the context of a victim's web browser.
Ссылки
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:flatpress:flatpress:1.3:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04691
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 5.4
debian
больше 1 года назад
FlatPress v1.3 is vulnerable to Cross Site Scripting (XSS). An attacke ...
CVSS3: 5.4
github
больше 1 года назад
FlatPress v1.3 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScript code into the "Add New Entry" section, which allows them to execute arbitrary code in the context of a victim's web browser.
EPSS
Процентиль: 89%
0.04691
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79