Lucene search
China National Vulnerability DatabaseCNVD-2022-88791HistorySep 30, 2022 - 12:00 a.m.
Zephyr Cross-Site Scripting Vulnerability
2022-09-3000:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
cross-site scripting
zephyr project manager
version 3.2.5
user-supplied data
animationstart parameter
attackers
exploitation
0.001 Low
EPSS
Percentile
21.6%
A cross-site scripting vulnerability exists in versions of Zephyr Project Manager prior to 3.2.5, which stems from the lack of effective filtering and escaping of user-supplied data in the onanimationstart parameter, which can be exploited by attackers to leading to cross-site scripting attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| zephyr project zephyr project manager | lt | 3.2.5 |
Related
cve
cve
CVE-2022-3333
2022-09-28 05:15:09
prion
prion
Cross site scripting
2022-09-28 05:15:00
cvelist
cvelist
CVE-2022-3333 Zephyr Project Manager REST Call cross site scripting
2022-09-28 04:35:12
nvd
nvd
CVE-2022-3333
2022-09-28 05:15:09