Описание
A reflected cross-site scripting (XSS) vulnerability in the List All FTP User Function in EHCP v20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via injecting a crafted payload into the ftpusername parameter.
Ссылки
- Broken Link
- Product
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:ehcp:easy_hosting_control_panel:20.04.1.b:*:*:*:*:*:*:*
EPSS
Процентиль: 6%
0.00025
Низкий
6.3 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.3
github
6 месяцев назад
A reflected cross-site scripting (XSS) vulnerability in the List All FTP User Function in EHCP v20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via injecting a crafted payload into the ftpusername parameter.
EPSS
Процентиль: 6%
0.00025
Низкий
6.3 Medium
CVSS3
Дефекты
CWE-79