Cross site scripting

2016-01-3015:59:00

PRIOn knowledge base

www.prio-n.com

5.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.6%

JSON

Cross-site scripting (XSS) vulnerability in JOB-CUBE -JOB WEB SYSTEM before 1.2.2 and -JOB WEB SYSTEM High Income 1.0.6 and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

CPENameOperatorVersion
job-cubele1.0.6
job-cubele1.2.1

CPE	Name	Operator	Version
	job-cube	le	1.0.6
	job-cube	le	1.2.1

References

jvn.jp/en/jp/JVN26921563/index.html

jvndb.jvn.jp/jvndb/JVNDB-2016-000017

www.ws-download.net/info.php?type=version&id=V0001081