CVE-2022-48012

Опубликовано: 27 янв. 2023

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

Opencats v0.9.7 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /opencats/index.php?m=settings&a=ajax_tags_upd.

Ссылки

https://github.com/Sakura-501/Opencats-0.9.7-Vulnerabilities
Third Party Advisory
https://github.com/Sakura-501/Opencats-0.9.7-Vulnerabilities/blob/main/Opencats-0.9.7-Reflected%20XSS%20in%20onChangeTag.md
Exploit
Third Party Advisory
https://github.com/Sakura-501/Opencats-0.9.7-Vulnerabilities
Third Party Advisory
https://github.com/Sakura-501/Opencats-0.9.7-Vulnerabilities/blob/main/Opencats-0.9.7-Reflected%20XSS%20in%20onChangeTag.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:opencats:opencats:0.9.7:*:*:*:*:*:*:*

EPSS

Процентиль: 88%

0.03793

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-wrg2-x799-vg7j