Описание
A vulnerability, which was classified as problematic, was found in xujiangfei admintwo 1.0. This affects an unknown part of the file /user/updateSet. The manipulation of the argument motto leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Ссылки
- ExploitThird Party Advisory
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:xujiangfei:admintwo:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.0015
Низкий
3.5 Low
CVSS3
6.1 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 3.5
github
10 месяцев назад
A vulnerability, which was classified as problematic, was found in xujiangfei admintwo 1.0. This affects an unknown part of the file /user/updateSet. The manipulation of the argument motto leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
EPSS
Процентиль: 36%
0.0015
Низкий
3.5 Low
CVSS3
6.1 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-79
CWE-79