Описание
Cross-Site Scripting (XSS) vulnerability, whereby user-controlled input is not sufficiently encrypted. Exploitation of this vulnerability could allow an attacker to retrieve the session details of an authenticated user through JOBID and USERNAME parameters in /jobportal/process.php.
Ссылки
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:phpgurukul:job_portal:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 35%
0.00142
Низкий
6.3 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.3
github
больше 1 года назад
Cross-Site Scripting (XSS) vulnerability, whereby user-controlled input is not sufficiently encrypted. Exploitation of this vulnerability could allow an attacker to retrieve the session details of an authenticated user through JOBID and USERNAME parameters in /jobportal/process.php.
EPSS
Процентиль: 35%
0.00142
Низкий
6.3 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79