Описание
A vulnerability classified as problematic was found in Mini-Tmall up to 20250211. This vulnerability affects unknown code of the file /admin of the component Admin Name Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Ссылки
- ExploitThird Party Advisory
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2025-02-11 (включая)
cpe:2.3:a:projectteam:mini-tmall:*:*:*:*:*:*:*:*
EPSS
Процентиль: 24%
0.00081
Низкий
2.4 Low
CVSS3
5.4 Medium
CVSS3
3.3 Low
CVSS2
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 2.4
github
11 месяцев назад
A vulnerability classified as problematic was found in Mini-Tmall up to 20250211. This vulnerability affects unknown code of the file /admin of the component Admin Name Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
EPSS
Процентиль: 24%
0.00081
Низкий
2.4 Low
CVSS3
5.4 Medium
CVSS3
3.3 Low
CVSS2
Дефекты
CWE-79
CWE-79