CVE-2021-26304
Severity
5.4MEDIUM
EPSS
0.2%
top 60.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 29
Latest updateMay 24
Description
PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS via the add-expense.php Item parameter.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7