Описание
Configuroweb Sistema Web de Inventario 1.0 is vulnerable to a Stored Cross-Site Scripting (XSS) due to the lack of input sanitization on the product name parameter (Nombre:Producto) allowing an authenticated attacker to inject malicious payloads and execute arbitrary JavaScript.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:configuroweb:simple_web_inventory_system:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 17%
0.00052
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 5.4
github
4 месяца назад
Configuroweb Sistema Web de Inventario 1.0 is vulnerable to a Stored Cross-Site Scripting (XSS) due to the lack of input sanitization on the product name parameter (Nombre:Producto) allowing an authenticated attacker to inject malicious payloads and execute arbitrary JavaScript.
EPSS
Процентиль: 17%
0.00052
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79