Supersmart Me Walk Through
Monthly
insert HTML / js code inside input how to get to the vulnerable input : Workers > worker nickname > inject in this input the code. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
It was possible to download all receipts without authentication. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
insert HTML / js code inside input how to get to the vulnerable input : Workers > worker nickname > inject in this input the code. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
It was possible to download all receipts without authentication. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.