Описание
A flaw has been found in code-projects Exam Form Submission 1.0. The impacted element is an unknown function of the file /admin/update_fst.php. Executing a manipulation of the argument sname can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been published and may be used.
Ссылки
- Product
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:code-projects:exam_form_submission:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 8%
0.00027
Низкий
2.4 Low
CVSS3
4.8 Medium
CVSS3
3.3 Low
CVSS2
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 2.4
github
9 дней назад
A flaw has been found in code-projects Exam Form Submission 1.0. The impacted element is an unknown function of the file /admin/update_fst.php. Executing a manipulation of the argument sname can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been published and may be used.
EPSS
Процентиль: 8%
0.00027
Низкий
2.4 Low
CVSS3
4.8 Medium
CVSS3
3.3 Low
CVSS2
Дефекты
CWE-79
CWE-79