Lucene search

VulDBCVE-2022-4233

HistoryNov 30, 2022 - 12:15 p.m.

CVE-2022-4233

2022-11-3012:15:10

CWE-707

CWE-79

VulDB

web.nvd.nist.gov

cve-2022-4233

sourcecodester

event registration system 1.0

vulnerability

cross site scripting

remote attack

nvd

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

31.4%

JSON

A vulnerability has been found in SourceCodester Event Registration System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /event/admin/?page=user/list. The manipulation of the argument First Name/Last Name leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-214591.

Affected configurations

Nvd

Vulners

Node

rinvizleevent_registration_systemMatch1.0

VendorProductVersionCPE
rinvizleevent_registration_system1.0cpe:2.3:a:rinvizle:event_registration_system:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
rinvizle	event_registration_system	1.0	cpe:2.3:a:rinvizle:event_registration_system:1.0:::::::*

CNA Affected

[
  {
    "vendor": "SourceCodester",
    "product": "Event Registration System",
    "versions": [
      {
        "version": "1.0",
        "status": "affected"
      }
    ]
  }
]

References

vuldb.com/?id.214591

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

31.4%

JSON

Related for CVE-2022-4233