Описание
The jQuery Colorbox WordPress plugin through 4.6.3 uses the colorbox library, which does not sanitize title attributes on links before using them, allowing users with at least the contributor role to conduct XSS attacks against administrators.
EPSS
Процентиль: 15%
0.00048
Низкий
3.5 Low
CVSS3
Дефекты
Связанные уязвимости
CVSS3: 3.5
github
5 месяцев назад
The jQuery Colorbox WordPress plugin through 4.6.3 uses the colorbox library, which does not sanitize title attributes on links before using them, allowing users with at least the contributor role to conduct XSS attacks against administrators.
EPSS
Процентиль: 15%
0.00048
Низкий
3.5 Low
CVSS3