Cross site scripting

2015-01-1315:59:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.0%

JSON

Cross-site scripting (XSS) vulnerability in Storytlr 1.3.dev and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter to search/.

CPENameOperatorVersion
storytlrle1.3

CPE	Name	Operator	Version
	storytlr	le	1.3

References

secunia.com/advisories/57182

exchange.xforce.ibmcloud.com/vulnerabilities/91762

www.netsparker.com/critical-xss-vulnerabilities-in-storytlr/