Vulnerability Details CVE-2015-20113
Next Click Ventures RealtyScript 4.0.2 contains cross-site request forgery and persistent cross-site scripting vulnerabilities that allow attackers to perform administrative actions and inject malicious scripts. Attackers can craft malicious web pages that execute unauthorized actions when logged-in users visit them, or inject persistent scripts that execute in the application context.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 2.2%
CVSS Severity
CVSS v3 Score 5.3
References
Products affected by CVE-2015-20113
-
cpe:2.3:a:nextclickventures:realtyscript:4.0.2