Описание
A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1. Affected by this vulnerability is the function Edit of the file /system/notice/edit. The manipulation of the argument noticeTitle/noticeContent leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
EPSS
Процентиль: 7%
0.00031
Низкий
3.5 Low
CVSS3
4 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 3.5
github
18 дней назад
A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1. Affected by this vulnerability is the function Edit of the file /system/notice/edit. The manipulation of the argument noticeTitle/noticeContent leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
EPSS
Процентиль: 7%
0.00031
Низкий
3.5 Low
CVSS3
4 Medium
CVSS2
Дефекты
CWE-79