CVEDB API

templates/forms/thanks.html in Formspree before 2018-01-23 allows XSS related to the _next parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 45.0%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

Products affected by CVE-2018-6354

Formspree » Formspree » Version: 2018-01-09

cpe:2.3:a:formspree:formspree:2018-01-09
Formspree » Formspree » Version: 2018-01-10

cpe:2.3:a:formspree:formspree:2018-01-10
Formspree » Formspree » Version: 2018-01-12

cpe:2.3:a:formspree:formspree:2018-01-12
Formspree » Formspree » Version: 2018-01-14

cpe:2.3:a:formspree:formspree:2018-01-14
Formspree » Formspree » Version: 2018-01-15

cpe:2.3:a:formspree:formspree:2018-01-15
Formspree » Formspree » Version: 2018-01-16

cpe:2.3:a:formspree:formspree:2018-01-16