Описание
OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript in the "A or SIC Number" field within the Project Setup functionality. The JavaScript is executed whenever another user views the project. Fixed in OPEXUS eCASE Audit 11.14.2.0.
EPSS
Процентиль: 9%
0.00033
Низкий
5.5 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 5.5
github
30 дней назад
OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript in the "A or SIC Number" field within the Project Setup functionality. The JavaScript is executed whenever another user views the project. Fixed in OPEXUS eCASE Audit 11.14.2.0.
EPSS
Процентиль: 9%
0.00033
Низкий
5.5 Medium
CVSS3
Дефекты
CWE-79