Cross site scripting

2021-05-1412:15:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

24.9%

The tab GET parameter of the settings page is not sanitised or escaped when being output back in an HTML attribute, leading to a reflected XSS issue.

CPENameOperatorVersion
accordionlt2.2.30

CPE	Name	Operator	Version
	accordion	lt	2.2.30

References

wpscan.com/vulnerability/6ccd9990-e15f-4800-b499-f7c74b480051

0.001 Low

EPSS

Percentile

24.9%

Related for PRION:CVE-2021-24283