Описание
A stored Cross Site Scripting vulnerability in the "related recommendations" feature in Ppress v.0.0.9 allows a remote attacker to execute arbitrary code via a crafted script to the article.title, article.category, and article.tags parameters.
Ссылки
- MitigationPatchThird Party Advisory
- ExploitIssue Tracking
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:yandaozi:ppress:0.0.9:beta:*:*:*:*:*:*
EPSS
Процентиль: 60%
0.00398
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.5
github
12 месяцев назад
A stored Cross Site Scripting vulnerability in the "related recommendations" feature in Ppress v.0.0.9 allows a remote attacker to execute arbitrary code via a crafted script to the article.title, article.category, and article.tags parameters.
EPSS
Процентиль: 60%
0.00398
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-79