5.3 Medium
CVSS4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
PASSIVE
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/SC:L/VI:L/SI:L/VA:L/SA:L/AU:Y/U:Clear/R:A
6.3 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
15.6%
Improper neutralization of input during web page generation vulnerability in 2ClickPortal software allows reflected cross-site scriptingΒ (XSS).Β An attacker might trick somebody into using a crafted URL, which will cause a script to be run in userβs browser.Β This issue affects 2ClickPortal software versions from 7.2.31 through 7.6.4.
[
{
"defaultStatus": "unaffected",
"product": "2ClickPortal",
"vendor": "Trol InterMedia Sp. z o.o. Sp. k.",
"versions": [
{
"lessThanOrEqual": "7.6.4",
"status": "affected",
"version": "7.2.31",
"versionType": "custom"
}
]
}
]