CVE-2024-25412

Sažetak

A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email field.

Reference

https://drive.google.com/file/d/1GBL-iY5ZRaxRqLVqpBe1w6dVgEfywAG7/view?usp=sharing
https://github.com/paragbagul111/CVE-2024-25412

CVSS

Base:	6.1
Impact:	2.7
Exploitability:	2.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
LOW	LOW	NONE

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Zadnje važnije ažuriranje

07-10-2024 - 15:04

Objavljeno

27-09-2024 - 18:15