Cross site scripting

2023-02-2023:15:00

PRIOn knowledge base

www.prio-n.com

cross-site scripting

client-side execution

erxes xos

8.9 High

AI Score

Confidence

High

0.053 Low

EPSS

Percentile

93.1%

JSON

Erxes, an experience operating system (XOS) with a set of plugins, is vulnerable to cross-site scripting in versions 0.22.3 and prior. This results in client-side code execution. The victim must follow a malicious link or be redirected there from malicious web site. There are no known patches.