exploitDog

CVE-2025-8910

Опубликовано: 13 авг. 2025

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

Organization Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.

Ссылки

https://www.twcert.org.tw/en/cp-139-10325-70192-2.html
Third Party Advisory
https://www.twcert.org.tw/tw/cp-132-10321-3cae5-1.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:wellchoose:organization_portal_system:*:*:*:*:*:*:*:*

Версия до IFTOP_P3_2_1_197 (исключая)

EPSS

Процентиль: 14%

0.00047

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-799j-gj9r-5852

CVSS3: 6.1

github

16 дней назад

Organization Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.

EPSS

Процентиль: 14%

0.00047

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79