exploitDog

CVE-2022-40294

Опубликовано: 31 окт. 2022

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

The application was identified to have an CSV injection in data export functionality, allowing for malicious code to be embedded within export data and then triggered in exported data viewers.

Ссылки

https://www.themissinglink.com.au/security-advisories/cve-2022-40294
Third Party Advisory
https://www.themissinglink.com.au/security-advisories/cve-2022-40294
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phppointofsale:php_point_of_sale:19.0:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.00473

Низкий

8.8 High

CVSS3

Дефекты

CWE-1236

CWE-1236

Связанные уязвимости

GHSA-qp7g-v294-g9hj

CVSS3: 8.8

github

больше 3 лет назад

The application was identified to have an CSV injection in data export functionality, allowing for malicious code to be embedded within export data and then triggered in exported data viewers.

EPSS

Процентиль: 64%

0.00473

Низкий

8.8 High

CVSS3

Дефекты

CWE-1236

CWE-1236