The TRMTracker web application is vulnerable to reflected Cross-site scripting attack. The application allows client-side code injection that might be used to compromise the confidentiality and integrity of the system.
La aplicación web TRMTracker es vulnerable a ataques de Cross-site scripting reflejado. Permite la inyección de código del lado del cliente que podría utilizarse para comprometer la confidencialidad e integridad del sistema.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
| Attack Vector | NETWORK |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | NONE |
| User Interaction | REQUIRED |
| Scope | CHANGED |
| Confidentiality Impact | LOW |
| Integrity Impact | LOW |
| Availability Impact | NONE |
| Source | Type | Description |
|---|---|---|
| [email protected] | Secondary |
en
CWE-79
|