Lucene search

K
githubGitHub Advisory DatabaseGHSA-969F-V7JV-PGJ3
HistoryMay 04, 2024 - 9:30 p.m.

ThinkPHP Cross-Site Scripting Vulnerability

2024-05-0421:30:33
GitHub Advisory Database
github.com
5
thinkphp
remote attackers
phpsession
cookie
debug error
get request
software vulnerability

5.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

ThinkPHP 8.0.3 allows remote attackers to exploit XSS due to inadequate filtering of function argument values in think_exception.tpl.

Affected configurations

Vulners
Node
topthinkframeworkRange<6.0.17
OR
topthinkframeworkRange<6.1.5
OR
topthinkframeworkRange<8.0.4

5.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

Related for GHSA-969F-V7JV-PGJ3