Lucene search
HistoryFeb 02, 2023 - 9:22 p.m.
CVE-2022-48140
cve-2022-48140
dedecms
xss
vulnerability
file_manage_view.php
edit
filename
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
23.1%
DedeCMS v5.7.97 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /file_manage_view.php?fmdo=edit&filename.
Affected configurations
Node
dedecmsdedecmsMatch5.7.97
| CPE | Name | Operator | Version |
|---|---|---|---|
| dedecms:dedecms | dedecms | eq | 5.7.97 |
Related
prion
prion
Cross site scripting
2023-02-02 21:22:00
openvas
openvas
DedeCMS 5.x XSS Vulnerability (Dec 2022)
2023-02-03 00:00:00
nvd
nvd
CVE-2022-48140
2023-02-02 21:22:46
cvelist
cvelist
CVE-2022-48140
2023-02-02 00:00:00
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
23.1%
Related for CVE-2022-48140