PT-2022-25880 · Rpcms · Rpcms
Ahisec
·
Published
2022-10-13
·
Updated
2022-10-14
·
CVE-2022-41473
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
RPCMS version 3.0.2
Description
A reflected cross-site scripting (XSS) issue was found in the Search function. This could potentially allow an attacker to inject malicious scripts into the website.
Recommendations
For RPCMS version 3.0.2, update to a version that fixes the reflected cross-site scripting issue in the Search function, or as a temporary workaround, consider restricting access to the Search function to minimize the risk of exploitation.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Rpcms