exploitDog

CVE-2022-37250

Опубликовано: 16 сент. 2022

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

Craft CMS 4.2.0.1 suffers from Stored Cross Site Scripting (XSS) in /admin/myaccount.

Ссылки

https://github.com/craftcms/cms/commit/cdc9cb66d0716c9552e4113c8e426fd1a31f9516
Patch
Third Party Advisory
https://labs.integrity.pt/advisories/cve-2022-37250/
Exploit
Patch
Third Party Advisory
https://github.com/craftcms/cms/commit/cdc9cb66d0716c9552e4113c8e426fd1a31f9516
Patch
Third Party Advisory
https://labs.integrity.pt/advisories/cve-2022-37250/
Exploit
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:craftcms:craft_cms:4.2.0.1:*:*:*:*:*:*:*

EPSS

Процентиль: 53%

0.00307

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-8r89-x93x-mjq2

CVSS3: 5.4

github

больше 3 лет назад

Craft CMS Stored Cross-site Scripting in User Addresses Title

EPSS

Процентиль: 53%

0.00307

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79