exploitDog

CVE-2022-42097

Опубликовано: 22 нояб. 2022

Источник: nvd

CVSS3: 4.8

EPSS Низкий

Описание

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via 'Comment.' .

Ссылки

https://backdropcms.org
Product
Vendor Advisory
https://github.com/backdrop/backdrop/releases/tag/1.23.0
Release Notes
Third Party Advisory
https://github.com/bypazs/CVE-2022-42097
Exploit
Third Party Advisory
https://grimthereaperteam.medium.com/cve-2022-42097-backdrop-xss-at-comments-2ea536ec55e1
Exploit
Third Party Advisory
https://backdropcms.org
Product
Vendor Advisory
https://github.com/backdrop/backdrop/releases/tag/1.23.0
Release Notes
Third Party Advisory
https://github.com/bypazs/CVE-2022-42097
Exploit
Third Party Advisory
https://grimthereaperteam.medium.com/cve-2022-42097-backdrop-xss-at-comments-2ea536ec55e1
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:backdropcms:backdrop:1.23.0:*:*:*:*:*:*:*

EPSS

Процентиль: 70%

0.00623

Низкий

4.8 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

CVE-2022-42097

CVSS3: 4.8

debian

около 3 лет назад

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-s ...

GHSA-g9cp-9fw3-56cf

CVSS3: 4.8

github

около 3 лет назад

Cross-site Scripting in Backdrop CMS

EPSS

Процентиль: 70%

0.00623

Низкий

4.8 Medium

CVSS3

Дефекты

CWE-79

CWE-79