CVE-2022-1503

Опубликовано: 27 апр. 2022

Источник: nvd

CVSS3: 3.5

CVSS3: 5.4

CVSS2: 3.5

EPSS Низкий

Описание

A vulnerability, which was classified as problematic, has been found in GetSimple CMS. Affected by this issue is the file /admin/edit.php of the Content Module. The manipulation of the argument post-content with an input like leads to cross site scripting. The attack may be launched remotely but requires authentication. Expoit details have been disclosed within the advisory.

Ссылки

https://github.com/joinia/project/blob/main/GetSimple/GetSimplereadme.md
Exploit
Third Party Advisory
https://vuldb.com/?id.198542
Third Party Advisory
https://github.com/joinia/project/blob/main/GetSimple/GetSimplereadme.md
Exploit
Third Party Advisory
https://vuldb.com/?id.198542
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:get-simple:getsimple_cms:-:*:*:*:*:*:*:*

EPSS

Процентиль: 39%

0.00175

Низкий

3.5 Low

CVSS3

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-284m-6732-qrhg

CVSS3: 5.4

github

больше 3 лет назад

A vulnerability, which was classified as problematic, has been found in GetSimple CMS. Affected by this issue is the file /admin/edit.php of the Content Module. The manipulation of the argument post-content with an input like <script>alert(1)</script> leads to cross site scripting. The attack may be launched remotely but requires authentication. Expoit details have been disclosed within the advisory.

EPSS

Процентиль: 39%

0.00175

Низкий

3.5 Low

CVSS3

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79