Rukovoditel: >> Rukovoditel >> 2.1 Security Vulnerabilities
Rukovoditel before 3.5.3 allows XSS via user_photo to My Page.
CVSS Score
6.1
EPSS Score
0.003
Published
2024-05-04
Rukovoditel before 3.5.3 allows XSS via user_photo to index.php?module=users/registration&action=save.
CVSS Score
7.1
EPSS Score
0.009
Published
2024-05-04
Rukovoditel through 2.4.1 allows XSS via a URL that lacks a module=users%2flogin substring.
CVSS Score
6.1
EPSS Score
0.027
Published
2019-05-07
Rukovoditel before 2.4.1 allows XSS.
CVSS Score
6.1
EPSS Score
0.074
Published
2019-02-05