exploitDog

CVE-2025-9773

Опубликовано: 01 сент. 2025

Источник: nvd

CVSS3: 4.3

CVSS3: 6.1

CVSS2: 5

EPSS Низкий

Описание

A flaw has been found in RemoteClinic up to 2.0. This vulnerability affects unknown code of the file /staff/edit.php. Executing manipulation of the argument Last Name can lead to cross site scripting. The attack can be launched remotely. The exploit has been published and may be used.

Ссылки

https://github.com/03hice-collab/CVE/issues/2
Exploit
Third Party Advisory
https://vuldb.com/?ctiid.322073
Permissions Required
VDB Entry
https://vuldb.com/?id.322073
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.640893
Third Party Advisory
VDB Entry
https://github.com/03hice-collab/CVE/issues/2
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:remoteclinic:remote_clinic:*:*:*:*:*:*:*:*

Версия до 2.0 (включая)

EPSS

Процентиль: 12%

0.00041

Низкий

4.3 Medium

CVSS3

6.1 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-79

CWE-79

EPSS

Процентиль: 12%

0.00041

Низкий

4.3 Medium

CVSS3

6.1 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-79

CWE-79