Описание
A vulnerability was determined in pojoin h3blog 1.0. The affected element is an unknown function of the file /admin/cms/material/add. Executing manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:h3blog:h3blog:1.0.0:*:*:*:*:*:*:*
EPSS
Процентиль: 8%
0.0003
Низкий
3.5 Low
CVSS3
4.8 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 3.5
github
3 месяца назад
A vulnerability was determined in pojoin h3blog 1.0. The affected element is an unknown function of the file /admin/cms/material/add. Executing manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.
EPSS
Процентиль: 8%
0.0003
Низкий
3.5 Low
CVSS3
4.8 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-79
CWE-79