Lucene search
China National Vulnerability DatabaseCNVD-2022-71620HistoryJun 09, 2022 - 12:00 a.m.
ACEware Systems ACEweb Online Portal Cross-Site Scripting Vulnerability
2022-06-0900:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
0.001 Low
EPSS
Percentile
38.6%
ACEware Systems ACEweb Online Portal is a component of the Student Manager solution from ACEware Systems, Inc. A cross-site scripting vulnerability exists in ACEware Systems ACEweb Online Portal version 3.5.065, which originates in person. The txtNmName1 parameter in awp lacks a validation filter for user-supplied data and output data. An attacker could exploit this vulnerability to execute JavaScript code on the client side.
| CPE | Name | Operator | Version |
|---|---|---|---|
| aceware systems aceware systems aceweb online portal | eq | 3.5.065 |
Related
cvelist
cvelist
CVE-2022-24238
2022-05-27 18:29:04
nvd
nvd
CVE-2022-24238
2022-06-02 14:15:36
cve
cve
CVE-2022-24238
2022-06-02 14:15:36
prion
prion
Cross site scripting
2022-06-02 14:15:00