Description

Cross-Site Scripting (XSS) vulnerability in Zhiyuan G6 Government Collaboration System V6.1SP1, via the 'method' parameter to 'seeyon/hrSalary.do'.

Related CPE's

a

seeyon

g6_government_collaborative_system

6.1

sp1

Vulnerable

References

http://note.youdao.com/noteshare?id=29f908204968a79233c1c0c80a59f8ff&sub=AFA8E81AA31C4482974869C5DFE07033

ExploitThird Party Advisory

http://note.youdao.com/noteshare?id=51d8946722c0304b5bfd72da03eaf013&sub=BDBAD6EDD2C941C18AB57141313AB5FE

ExploitThird Party Advisory

Weaknesses

[email protected]

Primary
CWE-79

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

5.4 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2021-03-30T03:15:13.530

4 years ago

Last modified

2021-04-01T02:23:58.977

4 years ago