Описание
A vulnerability was identified in pojoin h3blog 1.0. The impacted element is an unknown function of the file /admin/cms/category/addtitle. The manipulation of the argument Title leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Permissions Required
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:h3blog:h3blog:1.0.0:*:*:*:*:*:*:*
EPSS
Процентиль: 15%
0.00047
Низкий
3.5 Low
CVSS3
4.8 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 3.5
github
3 месяца назад
A vulnerability was identified in pojoin h3blog 1.0. The impacted element is an unknown function of the file /admin/cms/category/addtitle. The manipulation of the argument Title leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used.
EPSS
Процентиль: 15%
0.00047
Низкий
3.5 Low
CVSS3
4.8 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-79
CWE-79