Vulnerability Details CVE-2019-25445
Fiverr Clone Script 1.2.2 contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the keyword parameter. Attackers can craft URLs with script tags in the keyword parameter of search-results.php to execute arbitrary JavaScript in users' browsers.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.5%
CVSS Severity
CVSS v3 Score 6.1
References
Products affected by CVE-2019-25445
-
cpe:2.3:a:phpscriptsmall:fiverr_clone_script:1.2.2