CVE-2022-1816

Опубликовано: 23 мая 2022

Источник: nvd

CVSS3: 3.5

CVSS3: 5.4

CVSS2: 3.5

EPSS Низкий

Описание

A vulnerability, which was classified as problematic, has been found in Zoo Management System 1.0. Affected by this issue is /zoo/admin/public_html/view_accounts?type=zookeeper of the content module. The manipulation of the argument admin_name with the input leads to an authenticated cross site scripting. Exploit details have been disclosed to the public.

Ссылки

https://github.com/Xor-Gerke/webray.com.cn/blob/main/cve/Zoo-Management-System/Zoo-Management-System%28XSS%29.md
Broken Link
https://vuldb.com/?id.200558
Third Party Advisory
https://github.com/Xor-Gerke/webray.com.cn/blob/main/cve/Zoo-Management-System/Zoo-Management-System%28XSS%29.md
Broken Link
https://vuldb.com/?id.200558
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phpgurukul:zoo_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 40%

0.00185

Низкий

3.5 Low

CVSS3

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-pmpw-4q9q-8w52

CVSS3: 5.4

github

больше 3 лет назад

A vulnerability, which was classified as problematic, has been found in Zoo Management System 1.0. Affected by this issue is /zoo/admin/public_html/view_accounts?type=zookeeper of the content module. The manipulation of the argument admin_name with the input <script>alert(1)</script> leads to an authenticated cross site scripting. Exploit details have been disclosed to the public.

EPSS

Процентиль: 40%

0.00185

Низкий

3.5 Low

CVSS3

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79