Design/Logic Flaw

2022-01-2820:15:00

PRIOn knowledge base

www.prio-n.com

5.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.0%

JSON

SYNEL - eharmony Authenticated Blind & Stored XSS. Inject JS code into the “comments” field could lead to potential stealing of cookies, loading of HTML tags and JS code onto the system.

CPENameOperatorVersion
eharmonyeq8.0.2.3

CPE	Name	Operator	Version
	eharmony	eq	8.0.2.3

References

www.gov.il/en/departments/faq/cve_advisories