Vulnerability Details : CVE-2023-30454
An issue was discovered in ebankIT before 7. Document Object Model based XSS exists within the /Security/Transactions/Transactions.aspx endpoint. Users can supply their own JavaScript within the ctl100$ctl00MainContent$TransactionMainContent$accControl$hdnAccountsArray POST parameter that will be passed to an eval() function and executed upon pressing the continue button.
Vulnerability category: Cross site scripting (XSS)
Exploit prediction scoring system (EPSS) score for CVE-2023-30454
0.13%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 47 %
Percentile, the proportion of vulnerabilities that are scored at or less