CVE-2021-26303
Severity
6.1MEDIUM
EPSS
0.2%
top 56.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 29
Latest updateMay 24
Description
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the user-profile.php Full Name field.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7