Описание
Reflected Cross-Site Scripting (rXSS) in krpano before version 1.23.2 allows a remote unauthenticated attacker to execute arbitrary JavaScript in the victim's browser via a crafted URL to the passQueryParameters function with the xml parameter enabled.
Уязвимые конфигурации
Конфигурация 1Версия до 1.23.2 (исключая)
cpe:2.3:a:krpano:krpano:*:*:*:*:*:*:*:*
EPSS
Процентиль: 11%
0.00038
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
2 месяца назад
Reflected Cross-Site Scripting (rXSS) in krpano before version 1.23.2 allows a remote unauthenticated attacker to execute arbitrary JavaScript in the victim's browser via a crafted URL to the passQueryParameters function with the xml parameter enabled.
EPSS
Процентиль: 11%
0.00038
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79