CVE-2020-9405

CVE-2020-9405

CVSS 5.8 MEDIUMEPSS 0.6%

IBL Online Weather before 4.3.5a allows unauthenticated reflected XSS via the redirect page.

CVSS:3.0/AC:H/AV:N/A:L/C:L/I:L/PR:N/S:C/UI:R

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/dawid-czarnecki/public-vulnerabilities/tree/master/Online_Weather https://zigrin.com/advisories/online-weather-reflected-xss-in-redirect-page/