Cross site scripting

2022-07-1422:15:00

PRIOn knowledge base

www.prio-n.com

0.002 Low

EPSS

Percentile

54.1%

Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability via svg2img.php.

CPENameOperatorVersion
i3geoeq7.0.5

CPE	Name	Operator	Version
	i3geo	eq	7.0.5

References

github.com/edmarmoretti/i3geo/issues/3

github.com/saladesituacao/i3geo/issues/3

github.com/wagnerdracha/ProofOfConcept/blob/main/i3geo_proof_of_concept.txt

owasp.org/www-community/attacks/xss/

softwarepublico.gov.br/social/i3geo

0.002 Low

EPSS

Percentile

54.1%

Related for PRION:CVE-2022-34092