Cross site scripting

2021-05-2716:15:00

PRIOn knowledge base

www.prio-n.com

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.4%

JSON

Cross Site Scripting (XSS) in PHPMyWind v5.5 allows remote attackers to execute arbitrary code by injecting scripts into the parameter “$cfg_switchshow” of component " /admin/web_config.php".

CPENameOperatorVersion
phpmywindeq5.5

CPE	Name	Operator	Version
	phpmywind	eq	5.5

References

github.com/PearlyNautilus/Security-Code-Review/issues/4