CVE-2022-23166

🗓️ 12 May 2022 19:49:52Reported by INCDType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 75 Views

Sysaid LFI vulnerability allows unauthenticated access via "/lib/tinymce/examples/index.html". Update to 22.2.20 cloud, or 22.1.64 on premise

Reporter	Title	Published	Views	Family All 7
ATTACKERKB	CVE-2022-23166	9 May 202211:39	–	attackerkb
Circl	CVE-2022-23166	13 May 202200:42	–	circl
CNNVD	Sysaid Technologies SysAid 路径遍历漏洞	12 May 202200:00	–	cnnvd
Cvelist	CVE-2022-23166 Sysaid – Sysaid Local File Inclusion (LFI)	12 May 202219:49	–	cvelist
EUVD	EUVD-2022-28257	3 Oct 202520:07	–	euvd
NVD	CVE-2022-23166	12 May 202220:15	–	nvd
Prion	Design/Logic Flaw	12 May 202220:15	–	prion

NVD

Node

sysaid sysaidRange<22.1.64on-premises

sysaid sysaidRange<22.2.20cloud

[
  {
    "platforms": [
      "cloud"
    ],
    "product": "Sysaid",
    "vendor": "SysAid",
    "versions": [
      {
        "lessThanOrEqual": "22.2.19",
        "status": "affected",
        "version": "22.2.19 cloud version",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "on premise"
    ],
    "product": "Sysaid",
    "vendor": "SysAid",
    "versions": [
      {
        "lessThanOrEqual": "22.1.63",
        "status": "affected",
        "version": "22.1.63 on premise version",
        "versionType": "custom"
      }
    ]
  }
]