Количество 2
Количество 2
CVE-2022-31192
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI "Request a Copy" feature does not properly escape values submitted and stored from the "Request a Copy" form. This means that item requests could be vulnerable to XSS attacks. This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds for this vulnerability.
GHSA-4wm8-c2vv-xrpq
JSPUI Possible Cross Site Scripting in "Request a Copy" Feature
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-31192 DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI "Request a Copy" feature does not properly escape values submitted and stored from the "Request a Copy" form. This means that item requests could be vulnerable to XSS attacks. This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds for this vulnerability. | CVSS3: 7.1 | 0% Низкий | больше 3 лет назад |
| GHSA-4wm8-c2vv-xrpq JSPUI Possible Cross Site Scripting in "Request a Copy" Feature | CVSS3: 7.1 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу