6.1 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
26.2%
Benjamin BALET Jorani v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Comment parameter at application/controllers/Leaves.php.
github.com/bbalet/jorani/commit/3d01cef4ee9cdd70cfe1ac4fd7f5d607dda0d0ca
github.com/bbalet/jorani/issues/369