Vulnerability Details CVE-2015-7383
Multiple cross-site scripting (XSS) vulnerabilities in Web Reference Database (aka refbase) through 0.9.6 and bleeding-edge through 2015-04-28 allow remote attackers to inject arbitrary web script or HTML via the (1) adminUserName, (2) pathToMYSQL, (3) databaseStructureFile, or (4) pathToBibutils parameter to install.php or the (5) adminUserName parameter to update.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.7%
CVSS Severity
CVSS v2 Score 4.3