Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2022-56137
HistoryJul 08, 2022 - 12:00 a.m.

PESCMS cross-site scripting vulnerability

2022-07-0800:00:00
China National Vulnerability Database
www.cnvd.org.cn
18
pescms
cross-site scripting
version v2.3.3
content publishing platform
data validation
report.php
javascript code
client side
cnvd

EPSS

0.001

Percentile

34.5%

A cross-site scripting vulnerability exists in PESCMS version V2.3.3, a content publishing platform. The vulnerability stems from App/Team/GET/Report.php missing a data validation filter for user-supplied data and output. An attacker could exploit the vulnerability to execute JavaScript code on the client side.

EPSS

0.001

Percentile

34.5%

Related for CNVD-2022-56137