Rukovoditel: >> Rukovoditel >> 1.5 Security Vulnerabilities
Rukovoditel before 3.5.3 allows XSS via user_photo to My Page.
CVSS Score
6.1
EPSS Score
0.005
Published
2024-05-04
Rukovoditel before 3.5.3 allows XSS via user_photo to index.php?module=users/registration&action=save.
CVSS Score
7.1
EPSS Score
0.012
Published
2024-05-04
Rukovoditel through 2.4.1 allows XSS via a URL that lacks a module=users%2flogin substring.
CVSS Score
6.1
EPSS Score
0.022
Published
2019-05-07
Rukovoditel before 2.4.1 allows XSS.
CVSS Score
6.1
EPSS Score
0.074
Published
2019-02-05