Описание
A security vulnerability has been detected in givanz Vvveb 1.0.7.2. This affects an unknown part of the file app/template/user/login.tpl. Such manipulation of the argument Email/Password leads to cross site scripting. The attack can be executed remotely. The name of the patch is bbd4c42c66ab818142240348173a669d1d2537fe. Applying a patch is advised to resolve this issue.
Ссылки
- Patch
- ExploitIssue TrackingThird Party Advisory
- ExploitThird Party Advisory
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- ExploitIssue TrackingThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:vvveb:vvveb:1.0.7.2:*:*:*:*:*:*:*
EPSS
Процентиль: 19%
0.0006
Низкий
4.3 Medium
CVSS3
6.1 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-79
CWE-79
EPSS
Процентиль: 19%
0.0006
Низкий
4.3 Medium
CVSS3
6.1 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-79
CWE-79