← volver
CVE-2023-53882

JLex GuestBook 1.6.4 Reflected Cross-Site Scripting via URL Parameter

CVSS 5.1 MEDIUMEPSS 0.3%CWE-79
JLex GuestBook 1.6.4 contains a reflected cross-site scripting vulnerability in the 'q' URL parameter that allows attackers to inject malicious scripts. Attackers can craft malicious links with XSS payloads to steal session tokens or execute arbitrary JavaScript in victims' browsers.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
Productos afectados
jlexart · JLex GuestBook

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://jlexart.com/https://www.exploit-db.com/exploits/51647https://www.vulncheck.com/advisories/jlex-guestbook-reflected-cross-site-scripting-via-url-parameter