Finesoft Project: >> Finesoft Security Vulnerabilities
Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft v.8.0 and before allows a remote attacker to execute arbitrary code via a crafted script.
CVSS Score
5.3
EPSS Score
0.008
Published
2024-06-24
Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft v.8.0 and before allows a remote attacker to execute arbitrary code via a crafted script to the login.jsp parameter.
CVSS Score
6.1
EPSS Score
0.004
Published
2024-06-24
Hangzhou Meisoft Information Technology Co., Ltd. FineSoft <=8.0 is affected by Cross Site Scripting (XSS) which allows remote attackers to execute arbitrary code. Enter any account and password, click Login, the page will report an error, and a controllable parameter will appear at the URL:weburl.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-06-24
A cross-site scripting (XSS) vulnerability in the login page of FineSoft v8.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL:errorname parameter after a failed login attempt.
CVSS Score
5.4
EPSS Score
0.004
Published
2024-05-30