CVE-2022-4640

Опубликовано: 21 дек. 2022

Источник: nvd

CVSS3: 3.5

CVSS3: 5.4

EPSS Низкий

Описание

A vulnerability has been found in Mingsoft MCMS 5.2.9 and classified as problematic. Affected by this vulnerability is the function save of the component Article Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216499.

Ссылки

https://gitee.com/mingSoft/MCMS/issues/I65KI5
Exploit
Issue Tracking
Third Party Advisory
https://vuldb.com/?id.216499
Third Party Advisory
https://gitee.com/mingSoft/MCMS/issues/I65KI5
Exploit
Issue Tracking
Third Party Advisory
https://vuldb.com/?id.216499
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mingsoft:mcms:5.2.9:*:*:*:*:*:*:*

EPSS

Процентиль: 39%

0.00177

Низкий

3.5 Low

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-707

Связанные уязвимости

GHSA-6rvv-h8g7-728w

CVSS3: 5.4

github

около 3 лет назад

Mingsoft MCMS Cross-site Scripting vulnerability

EPSS

Процентиль: 39%

0.00177

Низкий

3.5 Low

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-707