exploitDog

CVE-2022-28975

Опубликовано: 09 янв. 2024

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

A stored cross-site scripting (XSS) vulnerability in Infoblox NIOS v8.5.2-409296 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the VLAN View Name field.

Ссылки

http://infoblox.com
Product
https://piotrryciak.com/posts/xss-infoblox/
Exploit
Third Party Advisory
http://infoblox.com
Product
https://piotrryciak.com/posts/xss-infoblox/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:infoblox:nios:8.5.2:*:*:*:*:*:*:*

EPSS

Процентиль: 39%

0.00178

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-g2wq-4jp5-xm5p

CVSS3: 5.4

github

около 2 лет назад

A stored cross-site scripting (XSS) vulnerability in Infoblox NIOS v8.5.2-409296 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the VLAN View Name field.

EPSS

Процентиль: 39%

0.00178

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79