Описание
A vulnerability has been found in Worksuite HR, CRM and Project Management up to 5.5.25. The affected element is an unknown function of the file /account/orders/create. The manipulation of the argument Client Note leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
EPSS
Процентиль: 8%
0.00029
Низкий
2.4 Low
CVSS3
3.3 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 2.4
github
25 дней назад
A vulnerability has been found in Worksuite HR, CRM and Project Management up to 5.5.25. The affected element is an unknown function of the file /account/orders/create. The manipulation of the argument Client Note leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
EPSS
Процентиль: 8%
0.00029
Низкий
2.4 Low
CVSS3
3.3 Low
CVSS2
Дефекты
CWE-79