Описание
The PHPGurukul Online Shopping Portal Project version 2.0 contains a vulnerability that allows Cross-Site Request Forgery (CSRF) to lead to Stored Cross-Site Scripting (XSS). An attacker can exploit this vulnerability to execute arbitrary JavaScript code in the context of a user's session, potentially leading to account takeover.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:phpgurukul:online_shopping_portal:2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 86%
0.03081
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 6.1
github
больше 1 года назад
The PHPGurukul Online Shopping Portal Project version 2.0 contains a vulnerability that allows Cross-Site Request Forgery (CSRF) to lead to Stored Cross-Site Scripting (XSS). An attacker can exploit this vulnerability to execute arbitrary JavaScript code in the context of a user's session, potentially leading to account takeover.
EPSS
Процентиль: 86%
0.03081
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-352