Описание
A security flaw has been discovered in Portabilis i-Educar up to 2.10. This vulnerability affects unknown code of the file /agenda_preferencias.php. The manipulation of the argument tipoacao results in cross site scripting. The attack may be launched remotely. The exploit has been released to the public and may be exploited.
Ссылки
- ExploitThird Party Advisory
- Broken Link
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 2.10.0 (включая)
cpe:2.3:a:portabilis:i-educar:*:*:*:*:*:*:*:*
EPSS
Процентиль: 20%
0.00064
Низкий
4.3 Medium
CVSS3
6.1 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 4.3
github
5 месяцев назад
A security flaw has been discovered in Portabilis i-Educar up to 2.10. This vulnerability affects unknown code of the file /agenda_preferencias.php. The manipulation of the argument tipoacao results in cross site scripting. The attack may be launched remotely. The exploit has been released to the public and may be exploited.
EPSS
Процентиль: 20%
0.00064
Низкий
4.3 Medium
CVSS3
6.1 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-79