Design/Logic Flaw

2021-10-2220:15:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

42.0%

JSON

TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to contain a HTML injection vulnerability in the userFirstName parameter of the user account input field. This vulnerability allows attackers to execute phishing attacks, external redirects, and arbitrary code.

CPENameOperatorVersion
tao_assessment_platformeq3.3.0 rc2

CPE	Name	Operator	Version
	tao_assessment_platform	eq	3.3.0 rc2

References

cwe.mitre.org/data/definitions/79.html

www.vulnerability-lab.com/get_content.php?id=2215

0.001 Low

EPSS

Percentile

42.0%

JSON

Related for PRION:CVE-2020-23050