CVE-2022-34966

Опубликовано: 25 июл. 2022

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain an HTML injection vulnerability via the location parameter at http://ip_address/:port/ossn/home.

Ссылки

https://github.com/opensource-socialnetwork/opensource-socialnetwork/releases/tag/6.3
Third Party Advisory
https://grimthereaperteam.medium.com/cve-2022-34966-ossn-6-3-lts-html-injection-vulnerability-at-location-parameter-3fe791dd22c6
Exploit
Third Party Advisory
https://www.opensource-socialnetwork.org/
Vendor Advisory
https://www.openteknik.com/contact?channel=ossn
Vendor Advisory
https://github.com/opensource-socialnetwork/opensource-socialnetwork/releases/tag/6.3
Third Party Advisory
https://grimthereaperteam.medium.com/cve-2022-34966-ossn-6-3-lts-html-injection-vulnerability-at-location-parameter-3fe791dd22c6
Exploit
Third Party Advisory
https://www.opensource-socialnetwork.org/
Vendor Advisory
https://www.openteknik.com/contact?channel=ossn
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:openteknik:open_source_social_network:6.3:*:*:*:lts:*:*:*

EPSS

Процентиль: 70%

0.00625

Низкий

7.5 High

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-rj78-hfhf-pwp3