Salonerp
1 CVEs
product
Monthly
SalonERP version 3.0.2 allows an external attacker to steal the cookie of arbitrary users. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
XSS
Salonerp
NVD
CVSS 3.1
6.1
EPSS
0.4%
EPSS 0%
CVSS 6.1
MEDIUM
POC
This Month
SalonERP version 3.0.2 allows an external attacker to steal the cookie of arbitrary users. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
XSS
Salonerp
NVD