Количество 2
Количество 2
CVE-2020-27852
A stored Cross-Site Scripting (XSS) vulnerability in the survey feature in Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary web script or HTML via a textarea field. This code is interpreted by users in a privileged role (Administrator, Editor, etc.).
GHSA-pjv5-v9gv-3679
Gravity Forms stored Cross-Site Scripting (XSS) vulnerability in the survey feature
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-27852 A stored Cross-Site Scripting (XSS) vulnerability in the survey feature in Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary web script or HTML via a textarea field. This code is interpreted by users in a privileged role (Administrator, Editor, etc.). | CVSS3: 5.4 | 0% Низкий | около 5 лет назад |
| GHSA-pjv5-v9gv-3679 Gravity Forms stored Cross-Site Scripting (XSS) vulnerability in the survey feature | CVSS3: 5.4 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу