CVE-2022-42000

🗓️ 15 Nov 2022 15:17:15Reported by HWType

cve🔗 web.nvd.nist.gov📰️ 6 Media mentions👁 33 Views

XSS vulnerability in BlueSpiceSocialProfile extension allows HTML injection into comment sectio

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 3
Cvelist	CVE-2022-42000 Potential XSS in comment section	15 Nov 202214:24	–	cvelist
Prion	Cross site scripting	15 Nov 202215:15	–	prion
NVD	CVE-2022-42000	15 Nov 202215:15	–	nvd

Nvd

Node

hallowelt bluespiceRange4.1.0–4.2.1

[
  {
    "vendor": "Hallo Welt! GmbH",
    "product": "BlueSpice",
    "versions": [
      {
        "version": "4",
        "status": "affected",
        "lessThan": "4.2.1",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
en	www.en.wiki.bluespice.com/wiki/Security:Security_Advisories/BSSA-2022-04

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

15 Nov 2022 15:15Current

4.5Medium risk

Vulners AI Score4.5

CVSS33.3 - 5.4

EPSS0.00266

CWE-79