Lucene search

K

MitreCVELIST:CVE-2019-13948

HistoryJul 18, 2019 - 3:56 p.m.

CVE-2019-13948

2019-07-1815:56:39

mitre

www.cve.org

0.001 Low

EPSS

Percentile

32.0%

SyGuestBook A5 Version 1.2 allows stored XSS because the isValidData function in include/functions.php does not properly block XSS payloads, as demonstrated by a crafted use of the onerror attribute of an IMG element.

References

fragrant10.github.io/2019/02/22/SyGuestBookA5%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1.html

github.com/fragrant10/fragrant10.github.io/blob/master/_posts/2019-02-22-SyGuestBookA5%E4%BB%A3%E7%A0%81%E5%AE%A1%E8%AE%A1.md

0.001 Low

EPSS

Percentile

32.0%

Related for CVELIST:CVE-2019-13948

prion1 cve1 nvd1