CVE-2022-2829

🗓️ 23 Aug 2022 04:00:21Reported by @huntrdevType

cve🔗 web.nvd.nist.gov📰️ 5 Media mentions👁 53 Views

CVE-2022-2829 Cross-site Scripting (XSS) in GitHub repository yetiforcecompany/yetiforcecrm < 6.4.

Reporter	Title	Published	Views	Family All 10
ATTACKERKB	CVE-2022-2829	23 Aug 202204:15	–	attackerkb
Circl	CVE-2022-2829	23 Aug 202207:21	–	circl
CNNVD	YetiForceCrm 跨站脚本漏洞	23 Aug 202200:00	–	cnnvd
Cvelist	CVE-2022-2829 Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm	23 Aug 202204:00	–	cvelist
Huntr	Stored XSS vulnerability when importing RSS Feeds from external source	12 Aug 202207:34	–	huntr
EUVD	EUVD-2022-35065	3 Oct 202520:07	–	euvd
NVD	CVE-2022-2829	23 Aug 202204:15	–	nvd
OSV	CVE-2022-2829 Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm	23 Aug 202204:00	–	osv
Prion	Cross site scripting	23 Aug 202204:15	–	prion
RedhatCVE	CVE-2022-2829	5 Feb 202521:30	–	redhatcve

NVD

Node

yetiforce yetiforce_customer_relationship_managementRange<6.4.0

[
  {
    "product": "yetiforcecompany/yetiforcecrm",
    "vendor": "yetiforcecompany",
    "versions": [
      {
        "lessThan": "6.4.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
github	www.github.com/yetiforcecompany/yetiforcecrm/commit/2c14baaf8dbc7fd82d5c585f2fa0c23528450618
huntr	www.huntr.dev/bounties/d6eaa453-9758-41b7-8c38-fd878d6aeab4

21 Nov 2024 07:01Current

5.7Medium risk

Vulners AI Score5.7

CVSS 3.15.4

CVSS 38.8

EPSS0.00374

CWE-79