CVE-2022-1817

Опубликовано: 23 мая 2022

Источник: nvd

CVSS3: 3.5

CVSS3: 5.4

CVSS2: 3.5

EPSS Низкий

Описание

A vulnerability, which was classified as problematic, was found in Badminton Center Management System. This affects the userlist module at /bcms/admin/?page=user/list. The manipulation of the argument username with the input 1 leads to an authenticated cross site scripting. Exploit details have been disclosed to the public.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:badminton_center_management_system_project:badminton_center_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 40%

0.00185

Низкий

3.5 Low

CVSS3

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-2g47-r557-h83r

CVSS3: 5.4

github

больше 3 лет назад

A vulnerability, which was classified as problematic, was found in Badminton Center Management System. This affects the userlist module at /bcms/admin/?page=user/list. The manipulation of the argument username with the input </td><img src="" onerror="alert(1)"><td>1 leads to an authenticated cross site scripting. Exploit details have been disclosed to the public.

EPSS

Процентиль: 40%

0.00185

Низкий

3.5 Low

CVSS3

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79