Cross-Site Scripting Vulnerabilities in Project-Pier by ProjectPier
CVE-2015-2796
6.1MEDIUM
What is CVE-2015-2796?
Multiple cross-site scripting (XSS) vulnerabilities exist within Project-Pier ProjectPier-Core, permitting remote attackers to inject arbitrary web scripts or HTML through manipulation of the search_for parameter. These vulnerabilities can be exploited via the scripts search_by_tag.php, search_contacts.php, or search.php, posing a significant risk as they allow attackers to execute unwanted actions within the context of a user's browser.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
References
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved