| ID | CVE-2022-0643 | ||||||
| Sažetak | The Bank Mellat WordPress plugin through 1.3.7 does not sanitize and escape the orderId parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting. | ||||||
| Reference | |||||||
| CVSS |
|
||||||
| Pristup |
|
||||||
| Impact |
|
||||||
| CVSS vektor | AV:N/AC:M/Au:N/C:N/I:P/A:N | ||||||
| Zadnje važnije ažuriranje | 31-03-2022 - 16:54 | ||||||
| Objavljeno | 28-03-2022 - 18:15 |
