Lucene search

K

GoogleOSV:GHSA-8JMJ-4P32-MC9P

HistoryMay 24, 2022 - 4:49 p.m.

infusionsoft-php-sdk reflected Cross-site Scripting

2022-05-2416:49:18

Google

osv.dev

5

infusionsoft

php

sdk

cross-site scripting

leadscoring.php

contactid

vulnerability

AI Score

6

Confidence

High

EPSS

0.001

Percentile

39.7%

novaksolutions/infusionsoft-php-sdk before v1.0 is vulnerable to a reflected XSS in the leadscoring.php via ContactId parameter.

References

github.com/novaksolutions/infusionsoft-php-sdk

github.com/novaksolutions/infusionsoft-php-sdk/commit/110c06ffe0cdff3d8eb3ad2080eb2a5b83a916a5

github.com/novaksolutions/infusionsoft-php-sdk/issues/111

nvd.nist.gov/vuln/detail/CVE-2017-6216

AI Score

6

Confidence

High

EPSS

0.001

Percentile

39.7%

Related for OSV:GHSA-8JMJ-4P32-MC9P

cvelist1 osv1 github1 prion1 nvd1 cve1