Lucene search
Dmitrii IgnatyevWPEX-ID:9784D7C8-E3AA-42AF-ACE8-5B2B37EBC9CBHistoryFeb 13, 2024 - 12:00 a.m.
Starbox < 3.5.0 - Contributor+ Stored XSS
2024-02-1300:00:00
Dmitrii Ignatyev
56
starbox version 3.5.0
contributor+
stored xss
exploit
Description The plugin does not sanitise and escape some parameters, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks
http://132" onmouseover='alert(1)'References
Related
cve
cve
CVE-2024-1273
2024-03-11 18:15:17
prion
prion
Cross site scripting
2024-03-11 18:15:00
wpvulndb
wpvulndb
Starbox < 3.5.0 - Contributor+ Stored XSS
2024-02-13 00:00:00
cvelist
cvelist
CVE-2024-1273 Starbox < 3.5.0 - Contributor+ Stored XSS
2024-03-11 17:56:05
nvd
nvd
CVE-2024-1273
2024-03-11 18:15:17
vulnrichment
vulnrichment
CVE-2024-1273 Starbox < 3.5.0 - Contributor+ Stored XSS
2024-03-11 17:56:05
AI Score
6.1
Confidence
High
EPSS
0
Percentile
9.0%
Related for WPEX-ID:9784D7C8-E3AA-42AF-ACE8-5B2B37EBC9CB