Lucene search

[email protected]CVE-2022-34963

HistoryJul 25, 2022 - 3:15 p.m.

CVE-2022-34963

2022-07-2515:15:09

CWE-79

[email protected]

web.nvd.nist.gov

cve-2022-34963

openteknik llc

ossn

open source social network

xss

vulnerability

news feed module

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

0.002 Low

EPSS

Percentile

53.3%

JSON

OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the News Feed module.

Affected configurations

NVD

Node

openteknikopen_source_social_networkMatch6.3lts

CPENameOperatorVersion
openteknik:open_source_social_networkopenteknik open source social networkeq6.3

CPE	Name	Operator	Version
openteknik:open_source_social_network	openteknik open source social network	eq	6.3

References

github.com/bypazs/CVE-2022-34963

github.com/opensource-socialnetwork/opensource-socialnetwork/releases/tag/6.3

grimthereaperteam.medium.com/cve-2022-34963-ossn-6-3-lts-stored-xss-vulnerability-at-news-feed-b8ae8f2fa5f3

www.opensource-socialnetwork.org/

www.openteknik.com/contact?channel=ossn

Social References