Описание
A flaw was found in the gi-docgen. This vulnerability allows arbitrary JavaScript execution in the context of the page — enabling DOM access, session cookie theft and other client-side attacks — via a crafted URL that supplies a malicious value to the q GET parameter (reflected DOM XSS).
EPSS
6.1 Medium
CVSS3
Дефекты
Связанные уязвимости
A flaw was found in the gi-docgen. This vulnerability allows arbitrary JavaScript execution in the context of the page — enabling DOM access, session cookie theft and other client-side attacks — via a crafted URL that supplies a malicious value to the q GET parameter (reflected DOM XSS).
A flaw was found in the gi-docgen. This vulnerability allows arbitrary ...
GI-DocGen vulnerable to Reflected XSS via unescaped query strings
EPSS
6.1 Medium
CVSS3