Vulnerability Details CVE-2019-13633
Blinger.io v.1.0.2519 is vulnerable to Blind/Persistent XSS. An attacker can send arbitrary JavaScript code via a built-in communication channel, such as Telegram, WhatsApp, Viber, Skype, Facebook, Vkontakte, or Odnoklassniki. This is mishandled within the administration panel for conversations/all, conversations/inbox, conversations/unassigned, and conversations/closed.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.4%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References