exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 2

CVE-2021-24323

больше 4 лет назад

When taxes are enabled, the "Additional tax classes" field was not properly sanitised or escaped before being output back in the admin dashboard, allowing high privilege users such as admin to use XSS payloads even when the unfiltered_html is disabled

CVSS3: 4.8

EPSS: Низкий

GHSA-mp46-7x6q-f28m

больше 3 лет назад

Woocommerce Cross-site Scripting via Additional tax classes field when taxes are enabled

CVSS3: 4.8

EPSS: Низкий

Уязвимостей на страницу

	Уязвимость	CVSS	EPSS	Опубликовано
	CVE-2021-24323 When taxes are enabled, the "Additional tax classes" field was not properly sanitised or escaped before being output back in the admin dashboard, allowing high privilege users such as admin to use XSS payloads even when the unfiltered_html is disabled	CVSS3: 4.8	0% Низкий	больше 4 лет назад
	GHSA-mp46-7x6q-f28m Woocommerce Cross-site Scripting via Additional tax classes field when taxes are enabled	CVSS3: 4.8	0% Низкий	больше 3 лет назад

Уязвимостей на страницу