Vulnerability Details CVE-2021-41434
A stored Cross-Site Scripting (XSS) vulnerability exists in version 1.0 of the Expense Management System application that allows for arbitrary execution of JavaScript commands through index.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.2%
CVSS Severity
CVSS v3 Score 5.4
References
Products affected by CVE-2021-41434
-
cpe:2.3:a:oretnom23:expense_management_system:1.0