Описание
HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'first_name' in '/clients/save_contact/'.
Уязвимые конфигурации
Конфигурация 1Версия до 3.9 (исключая)
cpe:2.3:a:fairsketch:rise_ultimate_project_manager:*:*:*:*:*:*:*:*
EPSS
Процентиль: 9%
0.00033
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 5.4
github
3 месяца назад
HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'first_name' in '/clients/save_contact/'.
EPSS
Процентиль: 9%
0.00033
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79