Lucene search

[email protected]CVE-2022-34966

HistoryJul 25, 2022 - 7:15 p.m.

CVE-2022-34966

2022-07-2519:15:43

CWE-79

[email protected]

web.nvd.nist.gov

cve-2022-34966

openteknik llc

ossn

html injection

vulnerability

nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.002 Low

EPSS

Percentile

59.5%

JSON

OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain an HTML injection vulnerability via the location parameter at http://ip_address/:port/ossn/home.

Affected configurations

NVD

Node

openteknikopen_source_social_networkMatch6.3lts

CPENameOperatorVersion
openteknik:open_source_social_networkopenteknik open source social networkeq6.3

CPE	Name	Operator	Version
openteknik:open_source_social_network	openteknik open source social network	eq	6.3

References

github.com/opensource-socialnetwork/opensource-socialnetwork/releases/tag/6.3

grimthereaperteam.medium.com/cve-2022-34966-ossn-6-3-lts-html-injection-vulnerability-at-location-parameter-3fe791dd22c6

www.opensource-socialnetwork.org/

www.openteknik.com/contact?channel=ossn

Social References

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.002 Low

EPSS

Percentile

59.5%

JSON

Related for CVE-2022-34966

prion1 nvd1 osv1 cvelist1